Genie Access WIP3BVAF WISH IP 3MP IR Auto Focus Bullet Camera devices through 3.x are vulnerable to directory traversal via the web interface, as demonstrated by reading /etc/shadow. NOTE: this product is discontinued, and its final firmware version has this vulnerability (4.x versions exist only for other Genie Access products).
References
Link | Resource |
---|---|
https://labs.nettitude.com/blog/cve-2019-7315-genie-access-wip3bvaf-ip-camera-directory-traversal/ | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-06-17T18:31:55
Updated: 2019-06-17T18:31:55
Reserved: 2019-02-03T00:00:00
Link: CVE-2019-7315
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-06-17T19:15:11.720
Modified: 2019-06-20T14:00:14.677
Link: CVE-2019-7315
JSON object: View
Redhat Information
No data.
CWE