Path Traversal in Dbl Technology (Dbltek) Goip-1
CVE-2022-4982
DBLTek GoIP-1 firmware versions up to and including GHSFVT-1.1-67-5 contain a local file inclusion vulnerability. The device's web server exposes handlers (`frame.html` and `frame.A100.html`) that accept a path parameter (`content` or `sid…
Vulnerability class: Path Traversal (Directory Traversal)
EPSS: 0.004 (34.3th percentile) — read the EPSS interpretation.
Affected products
- Dbl Technology (Dbltek) Goip-1 — versions 0
Weakness classification (CWE)
References
- disclosure@vulncheck.com (technical-description, exploit)
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (third-party-advisory)