CVE-2013-1604

EUVD-2013-1640
Directory traversal vulnerability in MayGion IP Cameras with firmware before 2013.04.22 (05.53) allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 93%
Affected Products (NVD)
VendorProductVersion
maygionip_camera_firmware
𝑥
≤ 09.27
maygionip_camera_firmware
05.49
maygionip_camera_firmware
05.53
maygionip_camera_firmware
05.59
maygionip_camera_firmware
05.60
maygionip_camera_firmware
6.0
maygionip_camera_firmware
6.1
maygionip_camera_firmware
6.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://seclists.org/fulldisclosure/2013/May/194
http://www.coresecurity.com/advisories/maygion-IP-cameras-multiple-vulnerabilities
http://www.exploit-db.com/exploits/25813
http://www.securityfocus.com/bid/60192
https://exchange.xforce.ibmcloud.com/vulnerabilities/84589
http://seclists.org/fulldisclosure/2013/May/194
http://www.coresecurity.com/advisories/maygion-IP-cameras-multiple-vulnerabilities
http://www.exploit-db.com/exploits/25813
http://www.securityfocus.com/bid/60192
https://exchange.xforce.ibmcloud.com/vulnerabilities/84589