Skip to main content

Velotismart Wifi Firmware

1 CVEs product

Monthly

CVE-2018-14064 CRITICAL POC THREAT Act Now

The uc-http service 1.0.0 on VelotiSmart WiFi B-380 camera devices allows Directory Traversal, as demonstrated by /../../etc/passwd on TCP port 80. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Velotismart Wifi Firmware
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
37.6%
EPSS 38% CVSS 9.8
CRITICAL POC THREAT Act Now

The uc-http service 1.0.0 on VelotiSmart WiFi B-380 camera devices allows Directory Traversal, as demonstrated by /../../etc/passwd on TCP port 80. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Velotismart Wifi Firmware
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy