AXIS 2400 Video Server 2.00 through 2.33 allows remote attackers to obtain sensitive information via an HTTP request to /support/messages, which displays the servers /var/log/messages file.
Name | Vendor | Start Version | End Version |
---|---|---|---|
2400_video_server | Axis | 2.0 (including) | 2.0 (including) |
2400_video_server | Axis | 2.20 (including) | 2.20 (including) |
2400_video_server | Axis | 2.31 (including) | 2.31 (including) |
2400_video_server | Axis | 2.32 (including) | 2.32 (including) |
2400_video_server | Axis | 2.33 (including) | 2.33 (including) |
2401_video_server | Axis | 2.20 (including) | 2.20 (including) |
2401_video_server | Axis | 2.31 (including) | 2.31 (including) |
2401_video_server | Axis | 2.32 (including) | 2.32 (including) |
2401_video_server | Axis | 2.33 (including) | 2.33 (including) |