CVE-2009-2046

The embedded web server on the Cisco Video Surveillance 2500 Series IP Camera with firmware before 2.1 allows remote attackers to read arbitrary files via a (1) http or (2) https request, related to the (a) SD Camera Web Server and the (b) Wireless Camera HTTP Server, aka Bug IDs CSCsu05515 and CSCsr96497.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:C/I:N/A:N
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
VendorProductVersion
ciscovideo_surveillance_2500_series_ip_camera
𝑥
≤ 2.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080ad1002.html
http://www.cisco.com/en/US/products/products_security_advisory09186a0080ad0f8f.shtml
http://www.securityfocus.com/bid/35478
http://www.securitytracker.com/id?1022445
http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080ad1002.html
http://www.cisco.com/en/US/products/products_security_advisory09186a0080ad0f8f.shtml
http://www.securityfocus.com/bid/35478
http://www.securitytracker.com/id?1022445