Описание
JVC VN-T IP-camera models firmware versions up to 2016-08-22 (confirmed on the VN-T216VPRU model) contain a directory traversal vulnerability in the checkcgi endpoint that accepts a user-controlled file parameter. An unauthenticated remote attacker can leverage this vulnerability to read arbitrary files on the device.
Ссылки
EPSS
Процентиль: 80%
0.01384
Низкий
Дефекты
CWE-22
Связанные уязвимости
github
около 1 месяца назад
JVC VN-T IP-camera models firmware versions up to 2016-08-22 (confirmed on the VN-T216VPRU model) contain a directory traversal vulnerability in the checkcgi endpoint that accepts a user-controlled file parameter. An unauthenticated remote attacker can leverage this vulnerability to read arbitrary files on the device.
EPSS
Процентиль: 80%
0.01384
Низкий
Дефекты
CWE-22