vendor:
TD-2308SS-B
by:
Cesar Neira
7,5
CVSS
HIGH
Directory Traversal
22
CWE
Product Name: TD-2308SS-B
Affected Version From: 3.1.43.B
Affected Version To: 3.2.9.P-3520A-06
Patch Exists: YES
Related CWE: CVE-2013-6023
CPE: h:tvt:td-2308ss-b
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: TVT DVR TD-2308SS-B
2013
TVT TD-2308SS-B DVR directory traversal
A directory traversal vulnerability exists in TVT TD-2308SS-B DVR. An attacker can exploit this vulnerability to gain access to sensitive information such as configuration files. This vulnerability affects firmware versions 3.1.43.B, 3.1.43.P, 3.1.6.P-1.0.2.1-03, 3.1.75.B-1.0.2.1-00, 3.1.7.B-1.0.2.1-00, 3.1.81.B-1.0.2.1-00, 3.1.83.B-1.0.2.1-00, 3.1.83.P-1.0.4.2-03, 3.1.87.P-1.0.4.2-17, 3.1.91.P-1.0.2.1-03, 3.1.92.P-1.0.2.1-00, 3.1.93.B-1.0.2.1-17, 3.2.0.B-1.0.2.1-17, 3.2.0.P-1.0.2.1-03, 3.2.0.P-1.0.2.1-17, 3.2.0.P-1.0.6.0.32-00, 3.2.0.P-3520A-00, 3.2.0.P-3520A-03, 3.2.0.P-3531-00, 3.2.0.P-3531-11, 3.2.0.P-FH-00, 3.2.9.P-3520A-06 and maybe others.
Mitigation:
The vendor has released a patch to address this vulnerability.
