CVE-2009-2046 Information

Description

The embedded web server on the Cisco Video Surveillance 2500 Series IP Camera with firmware before 2.1 allows remote attackers to read arbitrary files via a (1) http or (2) https request related to the (a) SD Camera Web Server and the (b) Wireless Camera HTTP Server aka Bug IDs CSCsu05515 and CSCsr96497.

Reference

http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080ad1002.html http://www.cisco.com/en/US/products/products_security_advisory09186a0080ad0f8f.shtml http://www.securityfocus.com/bid/35478 http://www.securitytracker.com/id?1022445