Document Title:
===============
Argus Surveillance DVR v2.3 & 4.x - Multiple Vulnerabilities

Release Date:
=============
2011-09-12

Vulnerability Laboratory ID (VL-ID):
====================================
227

Abstract Advisory Information:
==============================
The Vulnerability Lab Team discovered multiple persistent and non-persistent cross-site scripting vulnerabilities in Argus Surveillance DVR.

Vulnerability Disclosure Timeline:
==================================
2011-05-09: Vendor Notification
2011-05-17: Vendor Response/Feedback
2011-06-23: Vendor Fix/Patch
2011-09-13: Public or Non-Public Disclosure

Discovery Status:
=================
Published

Affected Product(s):
====================

Exploitation Technique:
=======================
Remote

Severity Level:
===============
Medium

Technical Details & Description:
================================
Multiple persistent input validation vulnerabilities were detected in Argus DVR v4.00. The bug allows a low-privileged user account to store malicious script code on the server side of the application. It is also possible to store other persistent content, such as the attacker's own video files, in order to manipulate the live stream.

Vulnerable Module(s):
[+] CamFrame
[+] Exception Handling (Not Found)

Multiple non-persistent input validation vulnerabilities were also detected in Argus DVR v4.00. Remote attackers can craft malicious requests to hijack customer/administrator sessions. It is also possible to stream manipulated content in order to manipulate a live stream, although this requires a high degree of user interaction (cross-site).

Vulnerable Module(s):
[+] unbindtv1
[+] ?c

Pictures:
../1.png
../2.png
../3.png
../4.png

Proof of Concept (PoC):
=======================
The vulnerabilities can be exploited by remote attackers. For demonstration or reproduction ...

File Not Found

Cannot find this file.

The requested file: /THUMBNAIL.CGI?NAME=unbindtv1,>"
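The "Not Found" module listed above is the classic reflected-XSS shape: the error page echoes the requested path back into the HTML body without encoding it. The following Python is an added illustration written for this page, not code from the advisory or from Argus. It models only the behaviour visible in the PoC output (an error page that prints "The requested file: ..." followed by the path); the page template, the function names and the sample request path are constructed for the example.

```python
import html

# Constructed request path in the shape of the advisory's PoC (illustration only).
# A real tester would start from the reflected parameter and add a tag-breakout probe.
SAMPLE_PATH = '/THUMBNAIL.CGI?NAME=unbindtv1,"><script>alert(1)</script>'

# Markers a tester looks for in the response to confirm the input survived
# verbatim. Any one of these surviving means the page is script-injectable.
PROBES = ['"><script>', "<script>", "</script>"]

_TEMPLATE = ("<html><body>File Not Found<br>Cannot find this file.<br>"
             "The requested file: {path}</body></html>")


def not_found_unsafe(path: str) -> str:
    """Hypothetical error page that interpolates the raw request path into HTML.

    This is the pattern the advisory attributes to the 'Exception Handling
    (Not Found)' module: whatever the client sent is returned as markup, so a
    quote-and-angle-bracket sequence in the path closes the surrounding
    context and the browser executes the injected script.
    """
    return _TEMPLATE.format(path=path)


def not_found_safe(path: str) -> str:
    """Same page with the one change that matters for this bug class.

    The path is HTML-entity-encoded before it is placed in the document body,
    so '<', '>', '&', '"' and "'" arrive at the browser as text, not markup.
    """
    return _TEMPLATE.format(path=html.escape(path, quote=True))


def surviving_probes(body: str, probes=PROBES) -> list:
    """Return the probe strings that appear verbatim in the response body.

    This is the minimal reflection check a tester runs against each candidate
    parameter: an empty result means the input was encoded (or not reflected
    at all); a non-empty result means unencoded reflection.
    """
    return [p for p in probes if p in body]


if __name__ == "__main__":
    for name, render in (("unsafe", not_found_unsafe), ("safe", not_found_safe)):
        body = render(SAMPLE_PATH)
        print(f"{name}: surviving probes = {surviving_probes(body)}")
```

Running the block prints the probes that survive in each variant: all three for the unencoded page, none for the encoded one. Entity-encoding at the point of output is the fix; rejecting "suspicious" characters on input is not sufficient, because the same path reaches many output contexts and filters on one of them rarely cover the rest.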