MayGion IP Cameras Multiple Vulnerabilities

Summary
This host is running MayGion IP Camera and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to gain access to information or cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.
Impact Level: System/Application
Solution
Upgrade to H.264 ipcam firmware 2013.04.22 or later. For updates, refer to http://www.maygion.com
Insight
- The program does not properly sanitize user input, specifically directory traversal sequences (e.g., ../../).
- User-supplied input is not properly validated when handling a specially crafted GET request. This may allow a remote attacker to cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.
Affected
MayGion IP cameras firmware version 2011.27.09
Detection
Send a crafted exploit string via an HTTP GET request and check whether sensitive information can be read.