Directory traversal vulnerability in the administrative web server in Swann DVR4-SecuraNet allows remote attackers to read arbitrary files via a .. (dot dot) in the URI, as demonstrated by reading the vy_netman.cfg file that contains passwords.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2009-02-18T17:00:00
Updated: 2018-10-10T18:57:01
Reserved: 2009-02-18T00:00:00
Link: CVE-2009-0640
JSON object: View
NVD Information
Status : Modified
Published: 2009-02-20T06:47:48.217
Modified: 2018-10-10T19:29:57.403
Link: CVE-2009-0640
JSON object: View
Redhat Information
No data.
CWE