CVE-2015-7245

Name of the Vulnerable Software and Affected Versions D-Link DVG-N5402SP versions W1000CN-00 through W2000EN-00

Description A directory traversal issue allows remote attackers to read sensitive information by utilizing a .. (dot dot) in the errorpage parameter.

Recommendations For D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00, avoid using the errorpage parameter until a fix is available. As a temporary workaround, consider restricting access to sensitive information to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.