CVE-2016-15055
published 2025-11-12CVE-2016-15055: JVC VN-T IP-camera models firmware versions up to 2016-08-22 (confirmed on the VN-T216VPRU model) contain a directory traversal vulnerability in the checkcgi…
PriorityP258high8.7CVSS 4.0
AVNACLATNPRNUINVCHVINVANSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EPSS
0.82%
52.7th percentile
JVC VN-T IP-camera models firmware versions up to 2016-08-22 (confirmed on the VN-T216VPRU model) contain a directory traversal vulnerability in the checkcgi endpoint that accepts a user-controlled file parameter. An unauthenticated remote attacker can leverage this vulnerability to read arbitrary files on the device.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jvc | ip-camera | < 2016-08-22 | 2016-08-22 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://pro.jvc.com/prof/attributes/tech_desc.jsp?model_id=MDL102145&feature_id=02https://web.archive.org/web/20170713051843/http://www.black-rose.ml/2016/08/analyzing-security-cameras-products.htmlhttps://www.exploit-db.com/exploits/40282https://www.vulncheck.com/advisories/jvc-vnt-ip-camera-directory-traversal-via-check-cgi
2025-11-12
Published