CVE-2013-1604

Maygion IP Camera Firmware < 09.27 - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in MayGion IP Cameras with firmware before 2013.04.22 (05.53) allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Core Security · textwebappshardware

https://www.exploit-db.com/exploits/25813

View Code ZIP pw:eip

References (5)

[Exploit] http://seclists.org/fulldisclosure/2013/May/194

[Exploit] http://www.coresecurity.com/advisories/maygion-IP-cameras-multiple-vulnerabilities

[Exploit] http://www.exploit-db.com/exploits/25813

[Exploit] http://www.securityfocus.com/bid/60192

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/84589

Scores

EPSS 0.1279

EPSS Percentile 93.9%

Classification

CWE

CWE-22

Status draft

Affected Products (8)

maygion/ip_camera_firmware < 09.27

maygion/ip_camera_firmware

Timeline

Published Mar 25, 2014

Tracked Since Feb 18, 2026