Path Traversal in Jvc (Jvckenwood) Ip-camera (Vn-t216vpru)
CVE-2016-15055
JVC VN-T IP-camera models firmware versions up to 2016-08-22 (confirmed on the VN-T216VPRU model) contain a directory traversal vulnerability in the checkcgi endpoint that accepts a user-controlled file parameter. An unauthenticated remote…
Vulnerability class: Path Traversal (Directory Traversal)
EPSS: 0.008 (52.7th percentile) — read the EPSS interpretation.
Affected products
- Jvc (Jvckenwood) Ip-camera (Vn-t216vpru) — versions 0
Weakness classification (CWE)
References
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (technical-description)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (third-party-advisory)