D-link IP Camera DCS-2103 Firmware 1.0.0 Path Disclosure Vulnerability

CVE-2014-9238 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

D-link IP camera DCS-2103 with firmware 1.0.0 allows remote attackers to obtain the installation path via the file parameter to cgi-bin/sddownload.cgi, as demonstrated by a / (forward slash) character.

Learn more about our Web Application Penetration Testing UK.