Fortinet Discovers Directory Traversal Vulnerability in Apexis Webcam
Fortinet's FortiGuard Labs has discovered a directory traversal vulnerability in Apexis Webcam.
The vulnerability exists in the web interface on Apexis camera APM-J601-WS with firmware 22.214.171.124. It allows remote attackers to read arbitrary files via a crafted HTTP request.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Jun 12, 2014
Upgrade to the version 126.96.36.199.
This vulnerability was discovered by Axelle Apvrille of Fortinet's FortiGuard Labs.