The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for the /tmp/ directory, without authentication, exposing sensitive information such as the command history and screenshot of the file being processed. This affects N-Series N1115 Wallplate Video Encoder prior to 1.15.61, N-Series N1x22A Video Encoder/Decoder prior to 1.15.61, N-Series N1x33A Video Encoder/Decoder prior to 1.15.61, N-Series N1x33 Video Encoder/Decoder prior to 1.15.61, N-Series N2x35 Video Encoder/Decoder prior to 1.15.61, N-Series N2x35A Video Encoder/Decoder prior to 1.15.61, N-Series N2xx2 Video Encoder/Decoder prior to 1.15.61, N-Series N2xx2A Video Encoder/Decoder prior to 1.15.61, N-Series N3000 Video Encoder/Decoder prior to 2.12.105, and N-Series N4321 Audio Transceiver prior to 1.00.06.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
samsung fgn1115-wp-wh_firmware |
||
samsung fgn1122-sa_firmware |
||
samsung fgn1122-cd_firmware |
||
samsung fgn1222-sa_firmware |
||
samsung fgn1222-cd_firmware |
||
samsung fgn1233-sa_firmware |
||
samsung fgn1133-sa_firmware |
||
samsung fgn1133-cd_firmware |
||
samsung fgn1233-cd_firmware |
||
samsung fgn1133a-sa_firmware |
||
samsung fgn1233a-sa_firmware |
||
samsung fgn1133a-cd_firmware |
||
samsung fgn1233a-cd_firmware |
||
samsung fgn2135-sa_firmware |
||
samsung fgn2235-cd_firmware |
||
samsung fgn2235-sa_firmware |
||
samsung fgn2135-cd_firmware |
||
samsung fgn2122-sa_firmware |
||
samsung fgn2222-sa_firmware |
||
samsung fgn2212-sa_firmware |
||
samsung fgn2122-cd_firmware |
||
samsung fgn2222-cd_firmware |
||
samsung fgn2212-cd_firmware |
||
samsung fgn2222a-sa_firmware |
||
samsung fgn2122a-sa_firmware |
||
samsung fgn2122a-cd_firmware |
||
samsung fgn2222a-cd_firmware |
||
samsung fgn3132a-sa_firmware |
||
samsung fgn3132a-c_firmware |
||
samsung fgn3232a-sa_firmware |
||
samsung fgn3232a-c_firmware |
||
samsung fgn4321-sa_firmware |
||
samsung fgn4321-cd_firmware |
Vulmon