PT-2025-53332 · Beward · Beward N100 H.264 Vga Ip Camera
Published
2025-12-24
·
Updated
2026-01-05
·
CVE-2019-25246
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Beward N100 H.264 VGA IP Camera version M2.1.6
Description
The Beward N100 H.264 VGA IP Camera version M2.1.6 contains a flaw that allows authorized attackers to access arbitrary system files. This is possible through the
READ.filePath parameter. Attackers can utilize the fileread script or the SendCGICMD API to gain access to sensitive files, such as /etc/passwd and /etc/issue, by providing absolute file paths. The API endpoint SendCGICMD is involved in this issue. The vulnerable parameter is READ.filePath.Recommendations
Update to a newer version that contains a fix for this vulnerability.
Exploit
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Beward N100 H.264 Vga Ip Camera