CVE-2013-6023

Name: CVE-2013-6023
Creator: NVD / NIST
Published: 2013-11-02T21:55:02.973+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 10.22%

Last modified Jun 16, 2026

CVE-2013-6023 is a vulnerability of currently unknown severity. Directory traversal vulnerability in the TVT TD-2308SS-B DVR with firmware 3.2.0.P-3520A-00 and earlier allows remote attackers to read arbitrary files via .. (dot dot) in the URI.. EPSS estimates a 10.22% chance of exploitation in the next 30 days.

Description

Directory traversal vulnerability in the TVT TD-2308SS-B DVR with firmware 3.2.0.P-3520A-00 and earlier allows remote attackers to read arbitrary files via .. (dot dot) in the URI.

Metrics

EPSS Probability

10.22%

95.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-22

Affected Software

Vendor	Product	Versions
Tvt	Dvr	td-2308ss-b
Tvt	Dvr Firmware	<= 3.2.0.p-3520a-03
Tvt	Dvr Firmware	3.1.6.p-1.0.2.1-03
Tvt	Dvr Firmware	3.1.7.b-1.0.2.1-00
Tvt	Dvr Firmware	3.1.43.b
Tvt	Dvr Firmware	3.1.43.p
Tvt	Dvr Firmware	3.1.75.b-1.0.2.1-00
Tvt	Dvr Firmware	3.1.81.b-1.0.2.1-00
Tvt	Dvr Firmware	3.1.83.b-1.0.2.1-00
Tvt	Dvr Firmware	3.1.83.p-1.0.4.2-03
Tvt	Dvr Firmware	3.1.87.p-1.0.4.2-17
Tvt	Dvr Firmware	3.1.91.p-1.0.2.1-03
Tvt	Dvr Firmware	3.1.92.p-1.0.2.1-00
Tvt	Dvr Firmware	3.1.93.b-1.0.2.1-17
Tvt	Dvr Firmware	3.2.0.b-1.0.2.1-17
Tvt	Dvr Firmware	3.2.0.p-1.0.2.1-03
Tvt	Dvr Firmware	3.2.0.p-1.0.2.1-17
Tvt	Dvr Firmware	3.2.0.p-1.0.6.0.32-00

References

http://alguienenlafisi.blogspot.com/2013/10/dvr-tvt-directory-traversal.html
http://www.exploit-db.com/exploits/29959Exploit
http://www.kb.cert.org/vuls/id/785838US Government Resource
http://www.securityfocus.com/bid/63360Exploit
http://alguienenlafisi.blogspot.com/2013/10/dvr-tvt-directory-traversal.html
http://www.exploit-db.com/exploits/29959Exploit
http://www.kb.cert.org/vuls/id/785838US Government Resource
http://www.securityfocus.com/bid/63360Exploit

Timeline

Published: Nov 2, 2013
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2013-6023?

Directory traversal vulnerability in the TVT TD-2308SS-B DVR with firmware 3.2.0.P-3520A-00 and earlier allows remote attackers to read arbitrary files via .. (dot dot) in the URI.

How severe is CVE-2013-6023?

Severity scoring for CVE-2013-6023 is pending analysis. The EPSS model estimates a 10.22% probability of exploitation in the next 30 days.

How do I fix CVE-2013-6023?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-6023?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST