CVE-2023-6118 in IP Camerainfo

Summary

by MITRE • 11/23/2023

Path Traversal: '/../filedir' vulnerability in Neutron IP Camera allows Absolute Path Traversal.

This issue affects IP Camera: before b1130.1.0.1.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 05/20/2026

The CVE-2023-6118 vulnerability represents a critical path traversal flaw in Neutron IP Camera firmware versions prior to b1130.1.0.1, specifically affecting the '/../filedir' directory traversal pattern. This vulnerability falls under the Common Weakness Enumeration category CWE-22, which classifies improper limitation of a pathname to a restricted directory, also known as path traversal or directory traversal attacks. The flaw enables attackers to access files and directories outside the intended scope by manipulating file path references through directory traversal sequences.

The technical implementation of this vulnerability occurs within the camera's file handling mechanisms where input validation fails to properly sanitize user-supplied path parameters. When an attacker crafts malicious requests containing the '/../filedir' pattern, the system processes these sequences without adequate restrictions, allowing unauthorized access to sensitive system files, configuration data, and potentially system binaries. This weakness exists in the camera's web interface or API endpoints that handle file operations, where path traversal attacks can be executed through specially crafted HTTP requests or direct protocol interactions with the device.

The operational impact of this vulnerability is severe and multifaceted, encompassing both confidentiality and system integrity threats. An attacker could potentially extract firmware images, access administrative credentials stored in configuration files, retrieve network configuration details, or even escalate privileges within the device. The vulnerability could also facilitate further exploitation by providing access to internal network resources or serving as a foothold for lateral movement within an organization's network infrastructure. Additionally, the exposure of system files may reveal implementation details that could aid in developing more sophisticated attack vectors against the device or its network environment.

Mitigation strategies for CVE-2023-6118 should prioritize immediate firmware updates to versions b1130.1.0.1 or later, as provided by the vendor. Network segmentation and access controls should be implemented to limit direct access to these devices from untrusted networks, with proper firewall rules blocking unnecessary ports and protocols. Input validation should be strengthened at all entry points where file paths are processed, implementing strict whitelisting of allowed directories and rejecting any path components containing traversal sequences. Regular security audits and penetration testing should be conducted to identify similar vulnerabilities in other networked devices, while monitoring logs for suspicious access patterns or attempted exploitation attempts. Organizations should also consider implementing network-based intrusion detection systems to detect and alert on known attack patterns targeting these types of vulnerabilities. The ATT&CK framework categorizes this vulnerability under T1071.004 Application Layer Protocol: DNS and T1566.001 Phishing: Spearphishing Attachment, as attackers may leverage this vulnerability to gain initial access or escalate privileges within compromised networks.

Reservation

11/14/2023

Disclosure

11/23/2023

Moderation

accepted

CPE

ready

EPSS

0.00761

KEV

no

Activities

very low

Sources

Do you need the next level of professionalism?

Upgrade your account now!