Axis » 2460 Network Dvr : Security Vulnerabilities, CVEs, (Directory traversal)
Directory traversal vulnerability in Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to bypass authentication via a .. (dot dot) in an HTTP POST request to ServerManager.srv, then use these privileges to conduct other activities, such as modifying files using editcgi.cgi.
Max CVSS
5.0
EPSS Score
1.49%
Published
2004-12-31
Updated
2017-07-11
1 vulnerabilities found