module
JVC/Siemens/Vanderbilt IP-Camera Readfile Password Disclosure
| Disclosed |
|---|
| 2016-08-16 |
Disclosed
2016-08-16
Description
SIEMENS IP-Camera (CVMS2025-IR + CCMS2025), JVC IP-Camera (VN-T216VPRU),
and Vanderbilt IP-Camera (CCPW3025-IR + CVMW3025-IR)
allow an unauthenticated user to disclose the username & password by
requesting the javascript page 'readfile.cgi?query=ADMINID'.
Siemens firmwares affected: x.2.2.1798, CxMS2025_V2458_SP1, x.2.2.1798, x.2.2.1235
and Vanderbilt IP-Camera (CCPW3025-IR + CVMW3025-IR)
allow an unauthenticated user to disclose the username & password by
requesting the javascript page 'readfile.cgi?query=ADMINID'.
Siemens firmwares affected: x.2.2.1798, CxMS2025_V2458_SP1, x.2.2.1798, x.2.2.1235
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.