PT-2006-4479 · Flexwatch · Flexwatch Network Camera
Published
2006-07-14
·
Updated
2024-02-14
·
CVE-2006-3604
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
FlexWATCH Network Camera versions 3.0 and earlier
Description
A directory traversal issue allows remote attackers to bypass access restrictions for sensitive pages, such as "admin/aindex.asp" or "admin/aindex.html", by using a ".." (dot dot) and encoded "/" (%2f) sequence in the URL.
Recommendations
For FlexWATCH Network Camera versions 3.0 and earlier, update to a version later than 3.0 to resolve the issue.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Flexwatch Network Camera