Directory traversal vulnerability in the web-based management site on the Intellinet NFC-30ir IP Camera with firmware LM.1.6.16.05 allows remote attackers to read arbitrary files via a request to a vendor-supplied CGI script that is used to read HTML text file, but that does not do any URI/path sanitization.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.exploit-db.com/exploits/41829/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-04-11T15:00:00
Updated: 2024-08-05T16:04:11.249Z
Reserved: 2017-04-05T00:00:00
Link: CVE-2017-7461
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2017-04-11T15:59:00.323
Modified: 2017-04-18T15:56:37.807
Link: CVE-2017-7461
Redhat
No data.