AXIS 2400 Video Server 2.00 through 2.33 allows remote attackers to obtain sensitive information via an HTTP request to /support/messages, which displays the servers /var/log/messages file.
Name | Vendor | Start Version | End Version |
---|---|---|---|
2400_video_server | Axis | 2.20 | 2.20 |
2401_video_server | Axis | 2.33 | 2.33 |
2400_video_server | Axis | 2.31 | 2.31 |
2401_video_server | Axis | 2.20 | 2.20 |
2401_video_server | Axis | 2.31 | 2.31 |
2400_video_server | Axis | 2.33 | 2.33 |
2401_video_server | Axis | 2.32 | 2.32 |
2400_video_server | Axis | 2.32 | 2.32 |
2400_video_server | Axis | 2.0 | 2.0 |