airVision NVR path Parameter Traversal Arbitrary File Access
Medium Nessus Plugin ID 64994
Synopsis
The remote web server hosts an application that is affected by a directory traversal vulnerability.
Description
The remote web server hosts airVision NVR, an application used to remotely monitor IP cameras. The installed version of airVision NVR fails to properly sanitize user-supplied input to the 'path' parameter of the 'views/file.php' script. This could allow an unauthenticated, remote attacker to read arbitrary files on the remote host by sending a request containing directory traversal characters.
Note that the application is reportedly also affected by a SQL injection vulnerability, as well as an additional directory traversal (arbitrary file disclosure) vulnerability via the 'path' parameter of the 'views/image.php' script; however, Nessus has not tested for these additional issues.
Solution
Unknown at this time.