CVE-2006-3604

Directory traversal vulnerability in FlexWATCH Network Camera 3.0 and earlier allows remote attackers to bypass access restrictions for (1) admin/aindex.asp or (2) admin/aindex.html via a .. (dot dot) and encoded / (%2f) sequence in the URL.

BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/439648/100/0/threaded
BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/440893/100/100/threaded
BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/450478/100/0/threaded
MISC: http://www.digitalarmaments.com/2006300687985463.html
BID: http://www.securityfocus.com/bid/18948
SECUNIA: http://secunia.com/advisories/20994
XF: http://xforce.iss.net/xforce/xfdb/27656
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3604

14 years
256 countries
683k users
4525k calculations
Logo cities-today.com
Logo sectech.co.nz
Logo ru.kedacom.com
Logo www.systemy-stech.cz
Logo www.use-ip.co.uk
Logo zoneway.cz