Skip to Main Content
-include-..-2F..-2F..-2F..-2Froot-2F

-include-..-2f..-2f..-2f..-2froot-2f

Professional Satellite Modulator (DVBS, DVBS-2)

-include-..-2f..-2f..-2f..-2froot-2f

: If an attacker can "include" a file they uploaded elsewhere on the server, they may execute arbitrary commands.

http://vulnerable.site/index.php?include=-include-..-2F..-2F..-2F..-2Froot-2Fetc-2Fpasswd -include-..-2F..-2F..-2F..-2Froot-2F

Let’s break this string down methodically. : If an attacker can "include" a file

To understand the threat, the payload must be decoded and parsed. -include-..-2F..-2F..-2F..-2Froot-2F