CVE-2012-1025

Enigma2 Webinterface <1.7.0 - Path Traversal

Title source: llm

Description

Absolute path traversal vulnerability in file in Enigma2 Webinterface 1.6.0 through 1.6.8, 1.6rc3, and 1.7.0 allows remote attackers to read arbitrary files via a full pathname in the file parameter.

Exploits (1)

exploitdb WORKING POC

by Todor Donev · perlwebappslinux

https://www.exploit-db.com/exploits/18343

View Code ZIP pw:eip

References (1)

[Exploit] http://www.exploit-db.com/exploits/18343

Scores

EPSS 0.0401

EPSS Percentile 88.5%

Details

CWE

CWE-22

Status published

Products (11)

dream-multimedia-tv/enigma2_webinterface 1.6 rc3

dream-multimedia-tv/enigma2_webinterface 1.6.0

dream-multimedia-tv/enigma2_webinterface 1.6.1

dream-multimedia-tv/enigma2_webinterface 1.6.2

dream-multimedia-tv/enigma2_webinterface 1.6.3

dream-multimedia-tv/enigma2_webinterface 1.6.4

dream-multimedia-tv/enigma2_webinterface 1.6.5

dream-multimedia-tv/enigma2_webinterface 1.6.6

dream-multimedia-tv/enigma2_webinterface 1.6.7

dream-multimedia-tv/enigma2_webinterface 1.6.8

... and 1 more

Published Feb 08, 2012

Tracked Since Feb 18, 2026