CVE-2013-6023 - OpenCVE

Directory traversal vulnerability in the TVT TD-2308SS-B DVR with firmware 3.2.0.P-3520A-00 and earlier allows remote attackers to read arbitrary files via .. (dot dot) in the URI.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:C/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Tvt	Dvr Firmware Dvr

Configuration 1 [-]

AND

cpe:2.3:h:tvt:dvr:td-2308ss-b:-:*:*:*:*:*:*

OR	cpe:2.3:o:tvt:dvr_firmware::::::::
	cpe:2.3:o:tvt:dvr_firmware:3.1.6.p-1.0.2.1-03:::::::*
	cpe:2.3:o:tvt:dvr_firmware:3.1.7.b-1.0.2.1-00:::::::*
	cpe:2.3:o:tvt:dvr_firmware:3.1.43.b:::::::*
	cpe:2.3:o:tvt:dvr_firmware:3.1.43.p:::::::*
	cpe:2.3:o:tvt:dvr_firmware:3.1.75.b-1.0.2.1-00:::::::*
	cpe:2.3:o:tvt:dvr_firmware:3.1.81.b-1.0.2.1-00:::::::*
	cpe:2.3:o:tvt:dvr_firmware:3.1.83.b-1.0.2.1-00:::::::*
	cpe:2.3:o:tvt:dvr_firmware:3.1.83.p-1.0.4.2-03:::::::*
	cpe:2.3:o:tvt:dvr_firmware:3.1.87.p-1.0.4.2-17:::::::*
	cpe:2.3:o:tvt:dvr_firmware:3.1.91.p-1.0.2.1-03:::::::*
	cpe:2.3:o:tvt:dvr_firmware:3.1.92.p-1.0.2.1-00:::::::*
	cpe:2.3:o:tvt:dvr_firmware:3.1.93.b-1.0.2.1-17:::::::*
	cpe:2.3:o:tvt:dvr_firmware:3.2.0.b-1.0.2.1-17:::::::*
	cpe:2.3:o:tvt:dvr_firmware:3.2.0.p-1.0.2.1-03:::::::*
	cpe:2.3:o:tvt:dvr_firmware:3.2.0.p-1.0.2.1-17:::::::*
	cpe:2.3:o:tvt:dvr_firmware:3.2.0.p-1.0.6.0.32-00:::::::*

References

Link	Resource
http://alguienenlafisi.blogspot.com/2013/10/dvr-tvt-directory-traversal.html
http://www.exploit-db.com/exploits/29959	Exploit
http://www.kb.cert.org/vuls/id/785838	US Government Resource
http://www.securityfocus.com/bid/63360	Exploit

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: certcc

Published: 2013-11-02T21:00:00

Updated: 2015-05-19T17:57:00

Reserved: 2013-10-04T00:00:00

Link: CVE-2013-6023

JSON object: View

NVD Information

Status : Analyzed

Published: 2013-11-02T21:55:02.973

Modified: 2016-03-31T17:31:42.373

Link: CVE-2013-6023

JSON object: View

Redhat Information

No data.

CWE

CWE-22

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-10-25T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the TVT TD-2308SS-B DVR with firmware 3.2.0.P-3520A-00 and earlier allows remote attackers to read arbitrary files via .. (dot dot) in the URI."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2015-05-19T17:57:00", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"name": "VU#785838", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/785838"}, {"name": "29959", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/29959"}, {"name": "63360", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/63360"}, {"tags": ["x_refsource_MISC"], "url": "http://alguienenlafisi.blogspot.com/2013/10/dvr-tvt-directory-traversal.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2013-6023", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in the TVT TD-2308SS-B DVR with firmware 3.2.0.P-3520A-00 and earlier allows remote attackers to read arbitrary files via .. (dot dot) in the URI."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "VU#785838", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/785838"}, {"name": "29959", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/29959"}, {"name": "63360", "refsource": "BID", "url": "http://www.securityfocus.com/bid/63360"}, {"name": "http://alguienenlafisi.blogspot.com/2013/10/dvr-tvt-directory-traversal.html", "refsource": "MISC", "url": "http://alguienenlafisi.blogspot.com/2013/10/dvr-tvt-directory-traversal.html"}]}}}}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2013-6023", "datePublished": "2013-11-02T21:00:00", "dateReserved": "2013-10-04T00:00:00", "dateUpdated": "2015-05-19T17:57:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:tvt:dvr:td-2308ss-b:-:*:*:*:*:*:*", "matchCriteriaId": "7EBB87B3-B7FF-4D14-B4A1-8F7157B4893E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:tvt:dvr_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CCA58536-640A-4E65-A429-B51D6F290A79", "versionEndIncluding": "3.2.0.p-3520a-03", "vulnerable": true}, {"criteria": "cpe:2.3:o:tvt:dvr_firmware:3.1.6.p-1.0.2.1-03:*:*:*:*:*:*:*", "matchCriteriaId": "E2CE0FC6-1A91-4DFB-B816-848761396A76", "vulnerable": true}, {"criteria": "cpe:2.3:o:tvt:dvr_firmware:3.1.7.b-1.0.2.1-00:*:*:*:*:*:*:*", "matchCriteriaId": "FFEFFCBC-AE00-4027-9562-0305F72CC365", "vulnerable": true}, {"criteria": "cpe:2.3:o:tvt:dvr_firmware:3.1.43.b:*:*:*:*:*:*:*", "matchCriteriaId": "32542069-F112-4E0A-8A2F-3BFC0D68EFD6", "vulnerable": true}, {"criteria": "cpe:2.3:o:tvt:dvr_firmware:3.1.43.p:*:*:*:*:*:*:*", "matchCriteriaId": "213B366A-07D3-4D36-A7F9-1E664B19B20F", "vulnerable": true}, {"criteria": "cpe:2.3:o:tvt:dvr_firmware:3.1.75.b-1.0.2.1-00:*:*:*:*:*:*:*", "matchCriteriaId": "D211A07D-258C-405F-9D52-E5261891971F", "vulnerable": true}, {"criteria": "cpe:2.3:o:tvt:dvr_firmware:3.1.81.b-1.0.2.1-00:*:*:*:*:*:*:*", "matchCriteriaId": "E6DDC083-FA33-47CF-BAA4-E1AD9CB5670D", "vulnerable": true}, {"criteria": "cpe:2.3:o:tvt:dvr_firmware:3.1.83.b-1.0.2.1-00:*:*:*:*:*:*:*", "matchCriteriaId": "ECE5730C-7F36-4A60-B543-745CDB08BA01", "vulnerable": true}, {"criteria": "cpe:2.3:o:tvt:dvr_firmware:3.1.83.p-1.0.4.2-03:*:*:*:*:*:*:*", "matchCriteriaId": "B8CCDD03-0A4C-4F06-ADB8-66EFB36BC1EC", "vulnerable": true}, {"criteria": "cpe:2.3:o:tvt:dvr_firmware:3.1.87.p-1.0.4.2-17:*:*:*:*:*:*:*", "matchCriteriaId": "FFB5CA33-1C63-4D24-9B1D-C89D386251E5", "vulnerable": true}, {"criteria": "cpe:2.3:o:tvt:dvr_firmware:3.1.91.p-1.0.2.1-03:*:*:*:*:*:*:*", "matchCriteriaId": "182701D5-63AE-49D7-A228-42A69656AF9A", "vulnerable": true}, {"criteria": "cpe:2.3:o:tvt:dvr_firmware:3.1.92.p-1.0.2.1-00:*:*:*:*:*:*:*", "matchCriteriaId": "4437B55C-CD0E-41C7-8236-C035E3C65E30", "vulnerable": true}, {"criteria": "cpe:2.3:o:tvt:dvr_firmware:3.1.93.b-1.0.2.1-17:*:*:*:*:*:*:*", "matchCriteriaId": "D71B2ACA-1982-4A23-A999-BCB7247E7BF9", "vulnerable": true}, {"criteria": "cpe:2.3:o:tvt:dvr_firmware:3.2.0.b-1.0.2.1-17:*:*:*:*:*:*:*", "matchCriteriaId": "695EADA7-8CF9-4BAA-82C2-4AE1FEDC0C20", "vulnerable": true}, {"criteria": "cpe:2.3:o:tvt:dvr_firmware:3.2.0.p-1.0.2.1-03:*:*:*:*:*:*:*", "matchCriteriaId": "17CE89E0-E9F3-466F-8939-B279233B823D", "vulnerable": true}, {"criteria": "cpe:2.3:o:tvt:dvr_firmware:3.2.0.p-1.0.2.1-17:*:*:*:*:*:*:*", "matchCriteriaId": "1244E0DB-1476-4536-A376-CE6DC2E3C6E0", "vulnerable": true}, {"criteria": "cpe:2.3:o:tvt:dvr_firmware:3.2.0.p-1.0.6.0.32-00:*:*:*:*:*:*:*", "matchCriteriaId": "57F2FBCB-9359-47A0-9CC7-F46B69F36E28", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the TVT TD-2308SS-B DVR with firmware 3.2.0.P-3520A-00 and earlier allows remote attackers to read arbitrary files via .. (dot dot) in the URI."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en el DVR TVT TD-2308SS-B con firmware 3.2.0.P-3520A-00 y anteriores permite a atacantes remotos leer archivos de su elecci\u00f3n a trav\u00e9s de .. (punto punto) en el URI."}], "id": "CVE-2013-6023", "lastModified": "2016-03-31T17:31:42.373", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 7.8, "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-11-02T21:55:02.973", "references": [{"source": "cret@cert.org", "url": "http://alguienenlafisi.blogspot.com/2013/10/dvr-tvt-directory-traversal.html"}, {"source": "cret@cert.org", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/29959"}, {"source": "cret@cert.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/785838"}, {"source": "cret@cert.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/63360"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}