Back to search
CVE-2018-7539
Published: Apr 17, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
On Appear TV XC5000 and XC5100 devices with firmware 3.26.217, it is possible to read OS files with a specially crafted HTTP request (such as GET /../../../../../../../../../../../../etc/passwd) to the web server (fuzzd/0.1.1) running the Maintenance Center on port TCP/8088. This can lead to full compromise of the device.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20180413 Re: CVE-2018-7539 Directory Traversal on Appear TV Maintenance centre 8088
mailing-list
x_refsource_FULLDISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now