Avaya IP Office Manager TFTP Server Directory Traversal Vulnerability
SecPod Research Team member (Veerendra G.G) has found a Directory Traversal Vulnerability in Avaya IP Office Manager TFTP Server. The vulnerability is caused due to improper validation of TFTP READ requests containing ‘../’ sequences, which allows attackers to read arbitrary files via directory traversal attacks and gain sensitive information. POC : Download here. Packet Capture : Download […]
Read More →