CVE-2019-14701: Path Traversal
First published: Tue Aug 06 2019(Updated: )
An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker can trigger read operations on an arbitrary file via Path Traversal in the TZ parameter, but cannot retrieve the data that is read. This causes a denial of service if the filename is, for example, /dev/random.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microdigital Mdc-n4090 Firmware | <=6400.0.8.5 | |
| Microdigital Mdc-n4090 | ||
| Microdigital Mdc-n4090w Firmware | <=6400.0.8.5 | |
| Microdigital Mdc-n4090w | ||
| Microdigital Mdc-n2190v Firmware | <=6400.0.8.5 | |
| Microdigital Mdc-n2190v |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-14701?
CVE-2019-14701 is a vulnerability found on MicroDigital N-series cameras with firmware through 6400.0.8.5.
How can an attacker exploit CVE-2019-14701?
An attacker can trigger read operations on an arbitrary file via Path Traversal in the TZ parameter.
What is the impact of CVE-2019-14701?
The vulnerability can cause a denial of service if the filename is manipulated.
Is MicroDigital Mdc-n4090 vulnerable to CVE-2019-14701?
Yes, MicroDigital Mdc-n4090 cameras with firmware up to 6400.0.8.5 are vulnerable.
How can I fix CVE-2019-14701?
Install the latest firmware version for MicroDigital N-series cameras.
- collector/nvd-index
- agent/weakness
- agent/type
- vendor/microdigital
- canonical/microdigital mdc-n4090 firmware
- version/microdigital mdc-n4090 firmware/6400.0.8.5
- canonical/microdigital mdc-n4090
- canonical/microdigital mdc-n4090w firmware
- version/microdigital mdc-n4090w firmware/6400.0.8.5
- canonical/microdigital mdc-n4090w
- canonical/microdigital mdc-n2190v firmware
- version/microdigital mdc-n2190v firmware/6400.0.8.5
- canonical/microdigital mdc-n2190v