Velotismart wifi b380 camera directory traversal Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2018-07-16 |
Type : webapps |
Platform : hardware
This exploit / vulnerability Velotismart wifi b380 camera directory traversal is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
Title: Vulnerability in VelotiSmart Wifi - Directory Traversal
Date: 12-07-2018
Scope: Directory Traversal
Platforms: Unix
Author: Miguel Mendez Z
Vendor: VelotiSmart
Version: B380
CVE: CVE-2018–14064
Vulnerability description
-------------------------
- The vulnerability that affects the device is LFI type in the uc-http service 1.0.0. What allows to obtain information of configurations, wireless scanned networks, sensitive directories, etc. Of the device.
Poc:
https://medium.com/@s1kr10s/velotismart-0day-ca5056bcdcac Title: Vulnerability in VelotiSmart Wifi - Directory Traversal
Date: 12-07-2018
Scope: Directory Traversal
Platforms: Unix
Author: Miguel Mendez Z
Vendor: VelotiSmart
Version: B380
CVE: CVE-2018–14064
Vulnerability description
-------------------------
- The vulnerability that affects the device is LFI type in the uc-http service 1.0.0. What allows to obtain information of configurations, wireless scanned networks, sensitive directories, etc. Of the device.