Directory Traversal Vulnerability in Genie Access WIP3BVAF WISH IP 3MP IR Auto Focus Bullet Camera
CVE-2019-7315 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Genie Access WIP3BVAF WISH IP 3MP IR Auto Focus Bullet Camera devices through 3.x are vulnerable to directory traversal via the web interface, as demonstrated by reading /etc/shadow. NOTE: this product is discontinued, and its final firmware version has this vulnerability (4.x versions exist only for other Genie Access products).
Learn more about our Web App Pen Testing.