Xovis Security Bulletin 2018-003

Description

Xovis PC-series sensors firmware through 3.6.0 allow directory traversal.

Vulnerability Details

The PC-series sensor firmware is vulnerable to information disclosure via a directory traversal bug.

Affected Products and Versions

All PC-series sensor firmware versions up to 3.6.0.

Remediation/Fixes

Apply the PC-series sensor firmware 3.7.0 or newer.

Workarounds and Mitigations

None.

References

Acknowledgements

Xovis would like to thank Ayushman Dutta for responsibly reporting this vulnerability to protect our customers.

History