MidnightBSD

Advisories for intellinet-network

CVE-2017-7461 MEDIUM

Directory traversal vulnerability in the web-based management site on the Intellinet NFC-30ir IP Camera with firmware LM.1.6.16.05 allows remote attackers to read arbitrary files via a request to a vendor-supplied CGI script that is used to read HTML text file, but that does not do any URI/path sanitization.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
intellinet-network nfc-30ir_firmware lm.1.6.16.05
CVE-2017-7462 HIGH

Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a vendor-supplied CGI script in the web directory.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,CWE-798,

Products Affected

Vendor Product Version
intellinet-network nfc-30ir_firmware lm.1.6.16.05