Описание
An exploitable directory traversal vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause the application to read a file from disk but a failure to adequately filter characters results in allowing an attacker to specify a file outside of a directory. An attacker can simply send an HTTP request to the device to trigger this vulnerability.
Ссылки
- Broken Link
- ExploitThird Party AdvisoryVDB Entry
- Broken Link
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Одновременно
EPSS
7.7 High
CVSS3
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
Связанные уязвимости
An exploitable directory traversal vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause the application to read a file from disk but a failure to adequately filter characters results in allowing an attacker to specify a file outside of a directory. An attacker can simply send an HTTP request to the device to trigger this vulnerability.
EPSS
7.7 High
CVSS3
6.5 Medium
CVSS3
4 Medium
CVSS2