CVE-2013-6023
published 2013-11-02

CVE-2013-6023: Directory traversal vulnerability in the TVT TD-2308SS-B DVR with firmware 3.2.0.P-3520A-00 and earlier allows remote attackers to read arbitrary files via .…

Priority: P271 high
CVSS 2.0: 7.8 (AV:N / AC:L / Au:N / C:C / I:N / A:N)
Tags: ITW, EXPLOIT, VulnCheck KEV
Exploited in the wild
EPSS: 10.22% (95.1th percentile)
Directory traversal vulnerability in the TVT TD-2308SS-B DVR with firmware 3.2.0.P-3520A-00 and earlier allows remote attackers to read arbitrary files via .. (dot dot) in the URI.

Affected

18 ranges
Vendor | Product | Version range | Fixed in
tvt | dvr | |
tvt | dvr_firmware | <= 3.2.0.p-3520a-03 |
tvt | dvr_firmware | |
tvt | dvr_firmware | |
tvt | dvr_firmware | |
tvt | dvr_firmware | |
tvt | dvr_firmware | |
tvt | dvr_firmware | |
tvt | dvr_firmware | |
tvt | dvr_firmware | |
tvt | dvr_firmware | |
tvt | dvr_firmware | |
tvt | dvr_firmware | |
tvt | dvr_firmware | |
tvt | dvr_firmware | |
tvt | dvr_firmware | |
tvt | dvr_firmware | |
tvt | dvr_firmware | |

Detection & IOCs (extracted from sources)

url: http://[IP Address]/../../../mnt/mtd/config/config.dat
path: /../../../mnt/mtd/config/config.dat
path: /mnt/mtd/config/config.dat
  • Detect directory traversal attempts using '../' sequences in HTTP URI targeting TVT DVR devices. Look for requests containing '/../' patterns in the URI path, particularly targeting '/mnt/mtd/config/config.dat'.
  • Use the Shodan dork 'Cross Web Server' to identify exposed TVT DVR devices on the internet that may be vulnerable to this traversal.
  • Monitor HTTP requests for traversal patterns targeting the configuration file path '/../../../mnt/mtd/config/config.dat' on TVT DVR web interfaces.
  • The vulnerability affects a wide range of firmware versions beyond the one cited in the CVE description; defenders should treat all listed firmware versions as vulnerable.
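
One way to apply the URI checks above to web or proxy access logs, as an added example that is not part of the original page or any vendor tooling. It assumes Common Log Format request lines; the function names and sample log lines are constructed for illustration, and it goes beyond the literal '../' pattern by also decoding percent-encoded and double-encoded dot segments.

```python
import re
from urllib.parse import unquote

# Configuration file path named in the IOC list above.
TARGET = "/mnt/mtd/config/config.dat"
# Request line plus status code of a Common Log Format entry (assumed format).
REQ_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<uri>\S+) HTTP/[0-9.]+" (?P<status>\d{3})')

def decode_fully(path, rounds=3):
    """Percent-decode repeatedly so %2e%2e and %252e%252e both become '..'."""
    for _ in range(rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path

def classify(line):
    """Return (verdict, status) for a traversal request, else None."""
    m = REQ_RE.search(line)
    if not m:
        return None
    raw_path = m.group("uri").split("?", 1)[0]       # drop the query string
    path = decode_fully(raw_path).replace("\\", "/")  # normalise separators
    # Match '..' only as a whole path segment, so 'v1..2' is not flagged.
    if ".." not in path.split("/"):
        return None
    verdict = "traversal-config" if path.endswith(TARGET) else "traversal"
    return verdict, int(m.group("status"))

def scan(lines):
    """Return (line_no, client, verdict, status) for every suspicious line."""
    hits = []
    for n, line in enumerate(lines, 1):
        result = classify(line)
        if result:
            hits.append((n, line.split()[0], result[0], result[1]))
    return hits

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [02/Nov/2013:10:00:01 +0000] "GET /../../../mnt/mtd/config/config.dat HTTP/1.1" 200 4096',
    '203.0.113.7 - - [02/Nov/2013:10:00:05 +0000] "GET /%2e%2e/%2e%2e/%2e%2e/mnt/mtd/config/config.dat HTTP/1.1" 200 4096',
    '198.51.100.4 - - [02/Nov/2013:10:01:00 +0000] "GET /index.html HTTP/1.1" 200 512',
    '198.51.100.4 - - [02/Nov/2013:10:01:09 +0000] "GET /..%252f..%252ftmp/x HTTP/1.0" 404 0',
    '198.51.100.9 - - [02/Nov/2013:10:02:00 +0000] "GET /docs/v1..2/notes.txt HTTP/1.1" 200 90',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A 'traversal-config' hit answered with status 200 means the configuration file was probably returned to the client, so it should be triaged ahead of hits that received an error status.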

CVSS provenance

nvd | v2.0 | 7.8 | HIGH | AV:N/AC:L/Au:N/C:C/I:N/A:N
vulncheck | 7.8 | HIGH