Intrusion Prevention

Samsung.Camera.1670D.NVR.Arbitrary.File.Access

Description

This indicates detection of an Arbitrary File Access vulnerability in Samsung SRN-1670D camera web viewer services.
The vulnerability is caused by a lack of sanitizing of access to an undocumented PHP page. A remote attacker can exploit this to read arbitrary local files in the system.

Affected Products

Samsung SRN-1670D camera

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Currently we are unaware of any vendor supplied patch or updates available for this issue.

CVE References

CVE-2015-8279