cpe:/h:swannsecurity:dvr4-securanet:- CVE-2009-0640 2009-02-20T01:47:48.217-05:00 2009-02-20T00:00:00.000-05:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2009-02-20T13:14:00.000-05:00 BUGTRAQ 20090210 Remote Authentication Bypass - Swann DVR4 SecuraNet (possibly DVR9 as well) BID 33716 SECUNIA 33861 OSVDB 51897 MISC http://packetstorm.linuxsecurity.com/0902-exploits/cctv-disclose.txt Directory traversal vulnerability in the administrative web server in Swann DVR4-SecuraNet allows remote attackers to read arbitrary files via a .. (dot dot) in the URI, as demonstrated by reading the vy_netman.cfg file that contains passwords.