Summary
Foscam is prone to a directory-traversal vulnerability.
Remote attackers can use specially crafted requests with directory- traversal sequences ('../') to retrieve arbitrary files in the context of the application. This may aid in further attacks.
Solution
Updates are available. Please see the references or vendor advisory for more information.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2013-2560 -
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:C/I:N/A:N
Related Vulnerabilities
- Arkeia Appliance Path Traversal Vulnerability
- Artifectx xClassified 'catid' SQL Injection Vulnerability
- Atlassian JIRA Privilege Escalation and Multiple Cross Site Scripting Vulnerabilities
- AWStats Totals 'sort' Parameter Remote Command Execution Vulnerabilities
- ALCASAR Remote Code Execution Vulnerability