Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology is absolute path traversal in cgi-bin/MANGA/firmware_process.cgi via the upfile.path parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Peplink Balance产品路径遍历漏洞
Vulnerability Description
Peplink Balance 305等都是用于中型企业的多出口负载均衡路由器。 使用fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093之前版本固件的多款Peplink Balance产品中的/cgi-bin/MANGA/firmware_process.cgi文件存在目录遍历漏洞。攻击者可借助特制的参数利用该漏洞删除任意文件。以下产品受到影响:Peplink Balance 305;380;580;710;1350;2500。
CVSS Information
N/A
Vulnerability Type
N/A