CVE-2013-6023

CVE-2013-6023 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Cesar Neira.

AI-analyzed exploit summary This exploit demonstrates a directory traversal vulnerability in TVT TD-2308SS-B DVR devices, allowing unauthorized access to sensitive configuration files via a crafted HTTP request. The PoC uses curl to retrieve the config.dat file by traversing directories.

Directory traversal vulnerability in the TVT TD-2308SS-B DVR with firmware 3.2.0.P-3520A-00 and earlier allows remote attackers to read arbitrary files via .. (dot dot) in the URI.