Vulnerability Details CVE-2009-2046
The embedded web server on the Cisco Video Surveillance 2500 Series IP Camera with firmware before 2.1 allows remote attackers to read arbitrary files via a (1) http or (2) https request, related to the (a) SD Camera Web Server and the (b) Wireless Camera HTTP Server, aka Bug IDs CSCsu05515 and CSCsr96497.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.5%
CVSS Severity
CVSS v2 Score 6.8
References
- http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080ad1002.html
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080ad0f8f.shtml
- http://www.securityfocus.com/bid/35478
- http://www.securitytracker.com/id?1022445
- http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080ad1002.html
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080ad0f8f.shtml
- http://www.securityfocus.com/bid/35478
- http://www.securitytracker.com/id?1022445
Products affected by CVE-2009-2046
-
cpe:2.3:h:cisco:video_surveillance_2500_series_ip_camera:*