CVE-2013-1604

MayGion IP Camera Firmware < 09.27 - Path Traversal via Default URI

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-1604. PoCs published by Core Security.

AI-analyzed exploit summary The exploit demonstrates a path traversal vulnerability (CVE-2013-1604) to leak credentials and a buffer overflow (CVE-2013-1605) to achieve arbitrary code execution in MayGion IP cameras. Both PoCs are simple HTTP requests triggering the vulnerabilities without authentication.

Description

Directory traversal vulnerability in MayGion IP Cameras with firmware before 2013.04.22 (05.53) allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Core Security · textwebappshardware

https://www.exploit-db.com/exploits/25813

View Code ZIP pw:eip

The exploit demonstrates a path traversal vulnerability (CVE-2013-1604) to leak credentials and a buffer overflow (CVE-2013-1605) to achieve arbitrary code execution in MayGion IP cameras. Both PoCs are simple HTTP requests triggering the vulnerabilities without authentication.

Classification

Working Poc 90%

Attack Type

Rce | Info Leak

Complexity

Trivial

Reliability

Reliable

Target: MayGion IP cameras firmware v09.27 and below

No auth needed

Prerequisites: Network access to the vulnerable IP camera

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1005 - Data from Local System

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/84589

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/25813

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/60192

Exploit mailing-list x_refsource_fulldisc

http://seclists.org/fulldisclosure/2013/May/194

Exploit x_refsource_misc

http://www.coresecurity.com/advisories/maygion-IP-cameras-multiple-vulnerabilities

Scores

EPSS 0.0368

EPSS Percentile 88.2%

Details

CWE

CWE-22

Status published

Products (8)

maygion/ip_camera_firmware 05.49

maygion/ip_camera_firmware 05.53

maygion/ip_camera_firmware 05.59

maygion/ip_camera_firmware 05.60

maygion/ip_camera_firmware 6.0

maygion/ip_camera_firmware 6.1

maygion/ip_camera_firmware 6.2

maygion/ip_camera_firmware < 09.27

Published Mar 25, 2014

Tracked Since Feb 18, 2026