MEDIUM🇵🇱 Wersja polska

CVE-2007-4583

CVSS 5.0v2.0pub. 2007-08-29upd. 2026-04-23

Multiple absolute path traversal vulnerabilities in the nvUtility.Utility.1 ActiveX control in nvUtility.dll 1.0.14.0 in ACTi Network Video Recorder (NVR) SP2 2.0 allow remote attackers to (1) create or overwrite arbitrary files via a full pathname in the first argument to the SaveXMLFile method or (2) delete arbitrary files via a full pathname in the argument to the DeleteXMLFile method.

CVSS Vector
AV:N/AC:L/Au:N/C:N/I:P/A:N
  • Acti Network Video Recorder

    APP
    Acti
    sp2_2.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Path Traversal
CWE
References

Related vulnerabilities

CVE-2007-4582HIGH7.5ten sam produkt

Buffer overflow in the nvUnifiedControl.AUnifiedControl.1 ActiveX control in nvUnifiedControl.dll 1.1.45.0 in ...

CVE-2017-3184CRITICAL9.8ten sam vendor

ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC fail to properly r...

CVE-2017-3185CRITICAL9.8ten sam vendor

ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have a web applica...

CVE-2017-3186CRITICAL9.8ten sam vendor

ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC use non-random def...

CVE-2020-15956HIGH7.5ten sam vendor

ActiveMediaServer.exe in ACTi NVR3 Standard Server 3.0.12.42 allows remote unauthenticated attackers to trigge...