Back to search
CVE-2009-1556
Published: May 6, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
img/main.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote authenticated users to read arbitrary files in img/ via a filename in the next_file parameter, as demonstrated by reading .htpasswd to obtain the admin password, a different vulnerability than CVE-2004-2507.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.gnucitizen.org/blog/hacking-linksys-ip-cameras-pt-2/
x_refsource_MISC
ADV-2009-1173
vdb-entry
x_refsource_VUPEN
34767
third-party-advisory
x_refsource_SECUNIA
34629
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now