ONKYO TX-NR585 could allow a remote malicious user to include arbitrary files. A remote attacker could send a specially-crafted URL request to specify a malicious file from the local system, which could allow the malicious user to obtain sensitive information or execute arbitrary code on the vulnerable Web server. Note: In order to exploit this vulnerability to execute arbitrary code using a local file, the attacker would first be required to upload a malicious file or inject arbitrary commands into an existing file.
|Vulnerable Product||Search on Vulmon||Subscribe to Product|
onkyo tx-nr585_firmware 1000-0000-000-0008-0000