CVE-2009-1556

CVE Database · CVE-2009-1556

CVE-2009-1556

· N/AModified

CVSS v3.1

N/A

EPSS

0.92%

Published

May 6, 2009

Modified

Apr 22, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

img/main.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote authenticated users to read arbitrary files in img/ via a filename in the next_file parameter, as demonstrated by reading .htpasswd to obtain the admin password, a different vulnerability than CVE-2004-2507.

Weaknesses (CWE)

CWE-200

Affected Products (2)

cisco · wvc54gcavulnerable

References (8)

http://secunia.com/advisories/34767

Vendor Advisory

http://www.gnucitizen.org/blog/hacking-linksys-ip-cameras-pt-2/

Exploit

http://www.securityfocus.com/bid/34629

http://www.vupen.com/english/advisories/2009/1173

Vendor Advisory