PT-2019-16575 · C520V21 · C520V21

Published

2019-11-18

Updated

2019-11-20

CVE-2019-3423

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions C520V21 smart camera devices versions V2.1.14 and below

Description A permission and access control issue exists, allowing an attacker to construct a URL for directory traversal. This enables access to unauthorized files or resources.

Recommendations For versions V2.1.14 and below, consider restricting access to the device until a patch is available. As a temporary workaround, limit the construction of URLs that could lead to directory traversal to minimize the risk of exploitation.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2019-3423

Affected Products

C520V21

PT-2019-16575 · C520V21 · C520V21

CVE-2019-3423

Weakness Enumeration

Related Identifiers

Affected Products

References · 3