CVE-2009-2046
Cisco Video Surveillance 2500 Series IP Camera <2.1 - Info Disclosure
Title source: llmDescription
The embedded web server on the Cisco Video Surveillance 2500 Series IP Camera with firmware before 2.1 allows remote attackers to read arbitrary files via a (1) http or (2) https request, related to the (a) SD Camera Web Server and the (b) Wireless Camera HTTP Server, aka Bug IDs CSCsu05515 and CSCsr96497.
References (4)
Core 4
Core References
Vendor Advisory x_refsource_confirm
http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080ad1002.html
Patch, Vendor Advisory vendor-advisory
x_refsource_cisco
http://www.cisco.com/en/US/products/products_security_advisory09186a0080ad0f8f.shtml
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1022445
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/35478
Scores
EPSS
0.0114
EPSS Percentile
62.8%
Details
CWE
CWE-200
Status
published
Products (1)
cisco/video_surveillance_2500_series_ip_camera
< 2.0
Published
Jun 25, 2009
Tracked Since
Feb 18, 2026