Fortinet Discovers Directory Traversal Vulnerability in Apexis Webcam
Fortinet's FortiGuard Labs has discovered a directory traversal vulnerability in Apexis Webcam.
The vulnerability exists in the web interface on Apexis camera APM-J601-WS with firmware 18.104.22.168. It allows remote attackers to read arbitrary files via a crafted HTTP request.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Jun 12, 2014
Upgrade to the version 22.214.171.124.
This vulnerability was discovered by Axelle Apvrille of Fortinet's FortiGuard Labs.