The thttpd running on the remote DVR is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrary local files within the context of the web server. Information harvested may aid in launching further attacks.

• http://www.securityfocus.com/bid/60010

---

Updated on 2015-03-25