Directory Traversal Vulnerability in Vivotek IP Cameras
CVE-2013-1597

6.5MEDIUM

Key Information:

Vendor

Vivotek

Status
Pt7135 Firmware
Vendor
CVE Published:
24 January 2020

What is CVE-2013-1597?

A directory traversal vulnerability in Vivotek PT7135 IP Cameras 0300a and 0400a can be exploited through specifically crafted GET requests. This flaw allows an attacker unauthorized access to the file system of the camera, potentially leading to the exposure of sensitive user credentials. It is crucial for users to implement security measures and updates to mitigate the risks associated with this vulnerability.

References

http://www.securityfocus.com/bid/59576
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/83947
x_refsource_MISC
https://www.coresecurity.com/advisories/vivotek-ip-camera...
x_refsource_MISC

EPSS Score

10% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.