Hacker News new | ask | show | jobs
by SCHiM 2178 days ago
Sounds like a directory traversal to me :)

It's generally a bad idea to have the user in control of filenames you create if those files are not on a device they own.
1 comments
thaumasiotes 2178 days ago
In this case, it sounds like the files were on a device owned by the user?
link
account42 2178 days ago
The user in control here is the one configuring the SSID, which is not necessarily the same one owning the device used to connect to it.
link
gimboland 2178 days ago
I guess SCHiM means "own" as in "have administrative control over".
link