Vulnerability Details CVE-2017-7461
Directory traversal vulnerability in the web-based management site on the Intellinet NFC-30ir IP Camera with firmware LM.1.6.16.05 allows remote attackers to read arbitrary files via a request to a vendor-supplied CGI script that is used to read HTML text file, but that does not do any URI/path sanitization.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.078
EPSS Ranking 91.6%
CVSS Severity
CVSS v3 Score 4.9
CVSS v2 Score 6.8
Products affected by CVE-2017-7461
-
cpe:2.3:h:intellinet-network:nfc-30ir:-
-
cpe:2.3:o:intellinet-network:nfc-30ir_firmware:lm.1.6.16.05