CVE-2006-3604

Directory traversal vulnerability in FlexWATCH Network Camera 3.0 and earlier allows remote attackers to bypass access restrictions for (1) admin/aindex.asp or (2) admin/aindex.html via a .. (dot dot) and encoded / (%2f) sequence in the URL.

BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/439648/100/0/threaded
BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/440893/100/100/threaded
BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/450478/100/0/threaded
MISC: http://www.digitalarmaments.com/2006300687985463.html
BID: http://www.securityfocus.com/bid/18948
SECUNIA: http://secunia.com/advisories/20994
XF: http://xforce.iss.net/xforce/xfdb/27656
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3604

7 years
228 countries
153k users
1064k calculations
Logo www.elsec.cz
Logo www.power-shop.gr
Logo reolink.com
Logo blog.camcloud.com
Logo www.a1securitycameras.com
Logo www.kelcom.cz