Product Roadmap: What's Coming Next
How ColorX Technology Turn Night into Day
Reolink App v4.41 Released
Could you please fix the following? you can easily get at root with this and I've verified.HIGHGoAhead Embedded Web Server websNormalizeUriPath() Directory Traversal VulnerabilityDescriptionThe remote GoAhead embedded web server is affected by a directory traversal vulnerability due to a flaw in the websNormalizeUriPath() function. A remote, unauthenticated attacker can exploit this flaw to obtain arbitrary files on the affected host.The flaw that allows the directory traversal may also be used to perform a heap-based buffer overflow, potentially allowing code execution or a denial of service condition.SolutionContact the vendor of the device running the GoAhead embedded web server for a fixed version.See Alsohttp://www.nessus.org/u?a935864fhttp://seclists.org/oss-sec/2015/q1/1028OutputNessus was able to exploit the issue to retrieve the contents of'/etc/pa*swd' using the following request :
I can't put the rest of the article because your forum thinks I'm putting in forbidden data that could crash the site. Just read the link from nessus. THanks
Hi Aniehues,Gohead does have this security risk. so we changed to Njnix two months ago. pls visit our website to get the latest firmware.
@drift hunters I can't finish my post since your forum has warned me that using the following code might cause the server to crash. Follow nessus's link and find out. THanks
@user_731045746307225_731045746307225 What is your issue?
Hi there! Join the Commnunity to get all the latest news, tips and more!