Geovision · Geovision Digital Video Surveillance System · CVE-2009-5087
**Name of the Vulnerable Software and Affected Versions**
Geovision Digital Video Surveillance System version 8.2
**Description**
A directory traversal issue exists, allowing remote attackers to read arbitrary files by including a .. (dot dot) in a GET request to the geohttpserver.
**Recommendations**
For Geovision Digital Video Surveillance System version 8.2, consider restricting access to the geohttpserver until a patch is available. As a temporary workaround, limit the ability to send GET requests with .. (dot dot) sequences to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.