SiNVR/SiVMS Video Server FTP Path Traversal Vulnerability

SiNVR/SiVMS Video Server FTP Path Traversal Vulnerability

CVE-2019-19296 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0). The two FTP services (default ports 21/tcp and 5411/tcp) of the SiVMS/SiNVR Video Server contain a path traversal vulnerability that could allow an authenticated remote attacker to access and download arbitrary files from the server, if the FTP services are enabled.

Learn more about our Cis Benchmark Audit For Server Software.