Threat Encyclopedia

Appear.TV.Maintenance.Centre.Directory.Traversal

description-logoDescription

This indicates an attack attempt to exploit a Directory Traversal Vulnerability in Appear TV XC5000 and XC5100 devices.
The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted request. An attacker can exploit this to disclose arbitrary files on the affected machine via a crafted request.

affected-products-logoAffected Products

Appear TV XC5000 and XC5100 devices with firmware 3.26.217

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are not aware of any vendor supplied patch for this issue.
Suggested workaround is to disable Maintenance Centre when not in use.

CVE References

CVE-2018-7539