6 matches found
Directory traversal
The Loftek Nexus 543 IP Camera stores passwords in cleartext, which allows remote attackers to obtain sensitive information via an HTTP GET request to checkusers.cgi. NOTE: cleartext passwords can also be obtained from proc/kcore when leveraging the directory traversal vulnerability in...
CVE-2013-3311
Directory traversal vulnerability in the Loftek Nexus 543 IP Camera allows remote attackers to read arbitrary files via a .. dot dot in the URL of an HTTP GET request...
CVE-2013-3311
CVE-2013-3311 (Loftek Nexus 543 IP Camera) is a directory traversal vulnerability that allows remote attackers to read arbitrary files by manipulating the URL in an HTTP GET request (".." sequence). Connected materials also describe a related issue (CVE-2013-3313) where passwords are stored in cl...
Loftek Nexus 543 IP Cameras - Multiple Vulnerabilities
No description provided by source. CSRF: HTMLTITLELoftek Nexus 543 CSRF PoC/TITLE IMG...
Loftek Nexus 543 IP Cameras - Multiple Vulnerabilities
Loftek Nexus 543 IP Cameras - Multiple Vulnerabilities CSRF: Loftek Nexus 543 CSRF PoC Memory Dump: !/bin/sh This script exploits CVE-2013-3311 to retrieve kernel memory from a Loftek Nexus 543 IP camera The file which is downloaded can be analyzed strings to recover passwords and other goodies i...
Loftek Nexus 543 IP Cameras - Multiple Vulnerabilities
CSRF: Loftek Nexus 543 CSRF PoC Memory Dump: !/bin/sh This script exploits CVE-2013-3311 to retrieve kernel memory from a Loftek Nexus 543 IP camera The file which is downloaded can be analyzed strings to recover passwords and other goodies if "$1x" != "x" && "$2x" != "x" ; then curl...