CVE-2012-6609

Directory traversal vulnerability in a_getlog.cgi in Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt