Intrusion Prevention

Airlive.IP.Camera.List.Param.Information.Disclosure

Description

This indicates an attack attempt against a Information Disclosure vulnerability in Airlive Ip Camera.
This issue is caused by an error when handling the list action requests sent to /cgi-bin/operator/param . It allows a remote attacker to gain administrator password on vulnerable systems via a crafted http request.

Affected Products

AirLive WL2600CAM

Impact

Information Disclosure: Remote attacker can gain sensitive information from vulnerable systems.

Recommended Actions

Currently we are unaware of any vendor supplied patch for this issue.

CVE References

CVE-2013-3686