Fortinet Discovers Directory Traversal Vulnerability in Apexis Webcam
Fortinet's FortiGuard Labs has discovered a directory traversal vulnerability in Apexis Webcam.
The vulnerability exists in the web interface on Apexis camera APM-J601-WS with firmware 220.127.116.11. It allows remote attackers to read arbitrary files via a crafted HTTP request.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Jun 12, 2014
Upgrade to the version 18.104.22.168.
This vulnerability was discovered by Axelle Apvrille of Fortinet's FortiGuard Labs.