CVE-2021-42021

Name of the Vulnerable Software and Affected Versions Siveillance Video DLNA Server versions 2019 R1 through 2021 R1

Description The affected application contains a path traversal vulnerability that could allow an unauthenticated remote attacker to read arbitrary files on the server that are outside the application’s web document directory. This issue could be exploited to access sensitive information for subsequent attacks.

Recommendations For Siveillance Video DLNA Server versions 2019 R1 through 2021 R1, consider restricting access to sensitive files and directories on the server to minimize the risk of exploitation. As a temporary workaround, limit the application's ability to read files outside its web document directory until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.