The remote management interface on the Claymore Dual GPU miner 10.1 is vulnerable to an authenticated directory traversal vulnerability exploited by issuing a specially crafted request, allowing a remote malicious user to read/write arbitrary files. This can be exploited via ../ sequences in the pathname to miner_file or miner_getfile.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
claymore dual miner project claymore dual miner 10.1 |