CVEs-PoC/2020/CVE-2020-10249.md

CVE-2020-10249

Description

BWA DiREX-Pro 1.2181 devices allow full path disclosure via an invalid name array parameter to val_soft.php3.

POC

Reference

• https://sku11army.blogspot.com/2020/03/bwa-multiple-vulnerabilities-in-direx.html

Github

No PoCs found on GitHub currently.