Trendnet TV-IP201 uses an embedded version of the GoAhead WebServer that is vulnerable to directory traversal and authentication bypass attacks.
3938f4301ab67da459dc7b0191cd8932b8bbb2fc91438b5fb3cfe53d9e610625simply go to http://ipaddress of
camera/..%5C..%5C..%5C..%5C..%5C..%5C/config/tcfg_system.asp (system
administration page)
These cams use an embedded version of GoAhead WebServer which is
vulnerable to the above attack because they don't correctly filter URL
encoded substitutions for the '/' character. Original vulnerability
and further explanation posted here:
http://www.securityfocus.com/bid/5197/info
William Reyor
--
Genius is one percent inspiration and ninety-nine percent perspiration.
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed