NuytsTech Security

CVE-2009-0640

by ·

Directory traversal vulnerability in the administrative web server in Swann DVR4-SecuraNet allows remote attackers to read arbitrary files via a .. (dot dot) in the URI, as demonstrated by reading the vy_netman.cfg file that contains passwords.

Date published : 2009-02-18

http://www.securityfocus.com/bid/33716

http://www.securityfocus.com/archive/1/500789/100/0/threaded

Tags: