CVE-2015-7245

HIGH NUCLEI

D-link Dvg-n5402sp Firmware - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 allows remote attackers to read sensitive information via a .. (dot dot) in the errorpage parameter.

Exploits (1)

exploitdb WRITEUP

by Karn Ganeshen · textwebappshardware

https://www.exploit-db.com/exploits/39409

View Code ZIP pw:eip

Nuclei Templates (1)

D-Link DVG-N5402SP - Local File Inclusion

HIGHby 0x_Akoko

References (3)

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/135590/D-Link-DVG-N5402SP-Path-Traversal-Information-Disclosure.html

[Exploit, Third Party Advisory, VDB Entry] http://seclists.org/fulldisclosure/2016/Feb/24

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/39409/

Scores

CVSS v3 7.5

EPSS 0.8937

EPSS Percentile 99.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-22

Status published

Products (3)

d-link/dvg-n5402sp_firmware w1000cn-00

d-link/dvg-n5402sp_firmware w1000cn-03

d-link/dvg-n5402sp_firmware w2000en-00

Published Apr 24, 2017

Tracked Since Feb 18, 2026