| VID |
29096 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The Linksys Web Camera server is vulnerable to a file inclusion vulnerability in main.cgi.
Linksys Web Camera software version 2.10 is reportedly prone to this issue, however, it is possible that other versions are affected as well. A remote attacker could use this flaw to disclose arbitrary files on the vulnerable system.
* References:
http://www.securiteam.com/securitynews/5BP0E0UDFW.html
http://www.securityfocus.com/archive/1/365387
http://www.linksys.com/products/product.asp?prid=566&scid=38
* Platforms Affected:
Linksys Web Camera software version 2.10 |
| Recommendation |
No upgrade or patch available as of June 2014.
If it is not needed, please disable its Web service. |
| Related URL |
(CVE) |
| Related URL |
10476 (SecurityFocus) |
| Related URL |
16339 (ISS) |
|
