CVE-2007-4583 Information

Feb 14, 2021 cve

Description

Multiple absolute path traversal vulnerabilities in the nvUtility.Utility.1 ActiveX control in nvUtility.dll 1.0.14.0 in ACTi Network Video Recorder (NVR) SP2 2.0 allow remote attackers to (1) create or overwrite arbitrary files via a full pathname in the first argument to the SaveXMLFile method or (2) delete arbitrary files via a full pathname in the argument to the DeleteXMLFile method.

Reference

http://osvdb.org/38386 http://osvdb.org/38387 http://secunia.com/advisories/26622 http://www.securityfocus.com/bid/25465 http://www.vupen.com/english/advisories/2007/2993 https://exchange.xforce.ibmcloud.com/vulnerabilities/36303 https://exchange.xforce.ibmcloud.com/vulnerabilities/36304 https://www.exploit-db.com/exploits/4323 https://www.exploit-db.com/exploits/4324

Share on: