CVE-2018-15745

CVE Database · CVE-2018-15745

CVE-2018-15745

· N/AModified

CVSS v3.1

N/A

EPSS

97.71%

Published

Aug 30, 2018

Modified

Nov 21, 2024

Public PoC / Exploit (3)

All weaponized →

Exploit-DBArgus Surveillance DVR 4.0.0.0 - Directory Traversal NucleiNuclei detection template TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Argus Surveillance DVR 4.0.0.0 devices allow Unauthenticated Directory Traversal, leading to File Disclosure via a ..%2F in the WEBACCOUNT.CGI RESULTPAGE parameter.

Weaknesses (CWE)

CWE-22

Affected Products (1)

argussurveillance · dvrvulnerable

References (6)

http://hyp3rlinx.altervista.org/advisories/ARGUS-SURVEILLANCE-DVR-v4-UNAUTHENTICATED-PATH-TRAVERSAL-FILE-DISCLOSURE.txt

ExploitThird Party Advisory

http://packetstormsecurity.com/files/149134/Argus-Surveillance-DVR-4.0.0.0-Directory-Traversal.html

Third Party AdvisoryVDB Entry

https://www.exploit-db.com/exploits/45296/

Third Party AdvisoryVDB Entry

http://hyp3rlinx.altervista.org/advisories/ARGUS-SURVEILLANCE-DVR-v4-UNAUTHENTICATED-PATH-TRAVERSAL-FILE-DISCLOSURE.txt

ExploitThird Party Advisory

http://packetstormsecurity.com/files/149134/Argus-Surveillance-DVR-4.0.0.0-Directory-Traversal.html

KEV Catalog EPSS Scores Vendors All CVEs