Fortinet Discovers Directory Traversal Vulnerability in Apexis Webcam
Fortinet's FortiGuard Labs has discovered a directory traversal vulnerability in Apexis Webcam.
The vulnerability exists in the web interface on Apexis camera APM-J601-WS with firmware 126.96.36.199. It allows remote attackers to read arbitrary files via a crafted HTTP request.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Jun 12, 2014
Upgrade to the version 188.8.131.52.
This vulnerability was discovered by Axelle Apvrille of Fortinet's FortiGuard Labs.