CVE-2013-3429

Cisco Video Surveillance Manager < 6.3.3 - Path Traversal

Title source: rule

Description

Multiple directory traversal vulnerabilities in Cisco Video Surveillance Manager (VSM) before 7.0.0 allow remote attackers to read system files via a crafted URL, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv37163.

Exploits (1)

exploitdb WORKING POC

webappsjsp

https://www.exploit-db.com/exploits/24786

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/61430

[Vendor Advisory] http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/85947

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1028827

Scores

EPSS 0.1167

EPSS Percentile 93.7%

Details

CWE

CWE-22

Status published

Products (18)

cisco/video_surveillance_manager 1.1.0

cisco/video_surveillance_manager 1.2.1

cisco/video_surveillance_manager 2.0.0

cisco/video_surveillance_manager 2.1

cisco/video_surveillance_manager 2.1.2

cisco/video_surveillance_manager 2.1.3

cisco/video_surveillance_manager 2.1.4

cisco/video_surveillance_manager 2.1.6

cisco/video_surveillance_manager 2.1.7

cisco/video_surveillance_manager 2.3.0

... and 8 more

Published Jul 25, 2013

Tracked Since Feb 18, 2026