Halloween Sale Is Here
Flash Sale Today!
Duo 2 Firmware Update and Tips: Better AI Detection & Email Alerts
APP v4.34 Update: Add Tracking Range & Fix Sensitivity Bug
Reolink Camera API User Guide_V7 (Update in Sept 2022)
TrackMix New Firmware Update: Auto-Tracking Range & Tracking Schedule
Could you please fix the following? you can easily get at root with this and I've verified.HIGHGoAhead Embedded Web Server websNormalizeUriPath() Directory Traversal VulnerabilityDescriptionThe remote GoAhead embedded web server is affected by a directory traversal vulnerability due to a flaw in the websNormalizeUriPath() function. A remote, unauthenticated attacker can exploit this flaw to obtain arbitrary files on the affected host.The flaw that allows the directory traversal may also be used to perform a heap-based buffer overflow, potentially allowing code execution or a denial of service condition.SolutionContact the vendor of the device running the GoAhead embedded web server for a fixed version.See Alsohttp://www.nessus.org/u?a935864fhttp://seclists.org/oss-sec/2015/q1/1028OutputNessus was able to exploit the issue to retrieve the contents of'/etc/passwd' using the following request :
I can't put the rest of the article because your forum thinks I'm putting in forbidden data that could crash the site. Just read the link from nessus. THanks
Hi Aniehues,Gohead does have this security risk. so we changed to Njnix two months ago. pls visit our website to get the latest firmware.
Hi there! Join the Commnunity to get all the latest news, tips and more!