Medium severity4.9NVD Advisory· Published Apr 11, 2017· Updated May 13, 2026

CVE-2017-7461

Description

Directory traversal vulnerability in the web-based management site on the Intellinet NFC-30ir IP Camera with firmware LM.1.6.16.05 allows remote attackers to read arbitrary files via a request to a vendor-supplied CGI script that is used to read HTML text file, but that does not do any URI/path sanitization.

Affected products

Intellinet Network/Nfc 30ir Firmware
cpe:2.3:o:intellinet-network:nfc-30ir_firmware:lm.1.6.16.05:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/41829/nvdExploitThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.319
epss	0.006
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000