Описание
Beward N100 H.264 VGA IP Camera M2.1.6 contains an authenticated file disclosure vulnerability that allows attackers to read arbitrary system files via the 'READ.filePath' parameter. Attackers can exploit the fileread script or SendCGICMD API to access sensitive files like /etc/passwd and /etc/issue by supplying absolute file paths.
EPSS
Процентиль: 14%
0.00045
Низкий
8.8 High
CVSS3
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 8.8
github
около 1 месяца назад
Beward N100 H.264 VGA IP Camera M2.1.6 contains an authenticated file disclosure vulnerability that allows attackers to read arbitrary system files via the 'READ.filePath' parameter. Attackers can exploit the fileread script or SendCGICMD API to access sensitive files like /etc/passwd and /etc/issue by supplying absolute file paths.
EPSS
Процентиль: 14%
0.00045
Низкий
8.8 High
CVSS3
Дефекты
CWE-22