Description
Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter.
Affected products
- NETGEAR / fm114p1.4_beta_release_17 – 1.4_beta_release_17