Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
cgi/b on the BT Home Hub router allows remote attackers to bypass authentication, and read or modify administrative settings or make arbitrary VoIP telephone calls, by placing a character at the end of the PATH_INFO, as demonstrated by (1) %5C (encoded backslash), (2) '%' (percent), and (3) '~' (tilde). NOTE: the '/' (slash) vector is already covered by CVE-2007-5383.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
bt home_hub 'cgi/b' PATH_INFO权限绕过漏洞
Vulnerability Description
BT Home Hub router的cgi/b允许远程攻击者通过在PATH_INFO的末端放置一个字符(例如,(1) %5C (已编码的反斜线符号), (2) '%' (百分比), 以及 (3) '~' (否定号)),来绕过权限,和读取或修改管理设置或拨打任意VoIP电话。 注意: '/' (斜线 )向量已被CVE-2007-5383覆盖.
CVSS Information
N/A
Vulnerability Type
N/A