Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-101256. PoCs published by LiquidWorm.
AI-analyzed exploit summary This exploit demonstrates a directory traversal vulnerability in DreamBox DM500 series devices, allowing arbitrary file download via crafted HTTP GET requests. The vulnerability is exploited by appending traversal sequences and null bytes to access sensitive files like /etc/passwd and configuration keys.
Description
DreamBox DM500(+) - Arbitrary File Download
Exploits (1)
This exploit demonstrates a directory traversal vulnerability in DreamBox DM500 series devices, allowing arbitrary file download via crafted HTTP GET requests. The vulnerability is exploited by appending traversal sequences and null bytes to access sensitive files like /etc/passwd and configuration keys.