CVE-2013-3429

Cisco Video Surveillance Manager < 7.0.0 - Path Traversal via Crafted URL

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-3429.

AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in Cisco Video Surveillance Operations Manager 6.3.2, including local file inclusion (LFI) via unvalidated log file paths, authentication bypass, and XSS. The PoC provides direct URLs and payloads to exploit these issues.

Description

Multiple directory traversal vulnerabilities in Cisco Video Surveillance Manager (VSM) before 7.0.0 allow remote attackers to read system files via a crafted URL, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv37163.

Exploits (1)

exploitdb WORKING POC
webappsjsp
https://www.exploit-db.com/exploits/24786

The exploit demonstrates multiple vulnerabilities in Cisco Video Surveillance Operations Manager 6.3.2, including local file inclusion (LFI) via unvalidated log file paths, authentication bypass, and XSS. The PoC provides direct URLs and payloads to exploit these issues.

Classification
Working Poc 90%
Attack Type
Info Leak | Auth Bypass | Xss
Complexity
Trivial
Reliability
Reliable
Target: Cisco Video Surveillance Operations Manager 6.3.2
No auth needed
Prerequisites: Network access to the target server · Target running Cisco Video Surveillance Operations Manager 6.3.2
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/61430
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/85947
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1028827

Scores

EPSS 0.1019
EPSS Percentile 95.1%

Details

CWE
CWE-22
Status published
Products (18)
cisco/video_surveillance_manager 1.1.0
cisco/video_surveillance_manager 1.2.1
cisco/video_surveillance_manager 2.0.0
cisco/video_surveillance_manager 2.1
cisco/video_surveillance_manager 2.1.2
cisco/video_surveillance_manager 2.1.3
cisco/video_surveillance_manager 2.1.4
cisco/video_surveillance_manager 2.1.6
cisco/video_surveillance_manager 2.1.7
cisco/video_surveillance_manager 2.3.0
... and 8 more
Published Jul 25, 2013
Tracked Since Feb 18, 2026