Directory Traversal Vulnerability in Geovision Digital Video Surveillance System
CVE-2009-5087

Currently unrated

Key Information:

Vendor: Geovision
Status: Digital Surveillance System
Vendor: CVE Published:; 12 September 2011

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2009-5087?

The directory traversal vulnerability in the Geohttpserver component of Geovision Digital Video Surveillance System version 8.2 enables remote attackers to gain unauthorized access to sensitive files. By exploiting this flaw, an attacker can manipulate the URL to traverse directories and read arbitrary files on the server, potentially exposing sensitive configuration files and data. It is crucial for users of this software to apply security patches and implement best practices to secure their systems against such attacks.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2009-5087 - Proof of Concept

References

http://securityreason.com/securityalert/8372

third-party-advisoryx_refsource_SREASON

http://www.exploit-db.com/exploits/8041

exploitx_refsource_EXPLOIT-DB

https://exchange.xforce.ibmcloud.com/vulnerabilities/48674

vdb-entryx_refsource_XF

EPSS Score

7% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Sep 12, 2011
👾
Exploit known to exist
Sep 12, 2011
Vulnerability published
Sep 12, 2011
Vulnerability Reserved
Sep 9, 2011

CVE-2009-5087 Data

JSON