Directory Traversal Vulnerability in Hitachi Kokusai Electric Network Products

Directory Traversal Vulnerability in Hitachi Kokusai Electric Network Products

CVE-2022-37681 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Hitachi Kokusai Electric Newtork products for monitoring system (Camera, Decoder and Encoder) and below allows attckers to perform a directory traversal via a crafted GET request to the endpoint /ptippage.cgi. Security information ID hitachi-sec-2022-001 contains fixes for the issue.

Learn more about our Web Application Penetration Testing UK.