Directory traversal vulnerability in device-linux.c in the router advertisement daemon (radvd) prior to 1.8.2 allows local users to overwrite arbitrary files, and remote malicious users to overwrite certain files, via a .. (dot dot) in an interface name. NOTE: this can be leveraged with a symlink to overwrite arbitrary files.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
litech router advertisement daemon |