Axis Fixed Bug Report For Passwords [Corrected]

About a year ago a user reported a strange problem using an Axis camera after setting the password with an embedded %:

Axis Camera - Access Denied After PW Change With %

This mystery was never solved, although it was noted at the...

******>

**, ** ** ***** ** **** ***percent **** is being evaluated as a special character by either JavaScript or the Linux/Unix ***** or something in between.

**** ** ********* *** ***, *** ****** ** ****, **** contacted **** **** *** ***********.

*****, ***, * ********* **** ** *** ******** ** **** to *** ** **** **** *** ********.

** ******-** *** ********.

* **** ***** * ************* ** **** **** ******* ** reported ***** **** ** ***** ** * ****** ****** ****** exploit. ********* ****. *******:

*.* **** ******* ** * ****** ****** ?
* ****** ****** ** ** ****** ****** **** ******** **** and ****** **********.
*******:
****** ("*** ***** ****** **: %*\*", ****);
*** **** ** ** ******* ** “*** ***** ****** **:”, followed ** * ****** ********* ‘%*’, **** ** ******** **** the ********* (****) ** *** ******. ********* *** ****** ***** like: *** ***** ****** **: ****.

********* ********** ***** **** ******:

# $ **** -** "*** /************.*****?&*********=%*|%* ****/*.*\*\*" | ****** ***.***.*.** 80

indicating **** ****** *** % **** *** ***** ****** ** * ****** ****** ***** **** where it was interpreted as a command (in this case to set up a listener to call back).

****, ** **** *** ******** ************ *** ********** **** *** report **** ***** **** (********* ** ***********) ***** *** ************* well ****** *** ******* *** *********.

* ***'* ***** **'* ****, *** ******* ***** ** ** with "****" *** *** "********".

*******, ***** ***** ** ******* ****** ****** *** ***/** *** encoding **** "%" ** "********"..

******** **** ** ***'* "**" ******** ** *****, **'* **** a ************ ****** ***** ****** ** *** ******.

GET /************.*****?&http_user=%p|%p ****/*.*\*\*

******** ******* ** **** *** ******, (**** ***** *******, **** when ******* ** *****), ******** **** *** ****** ****** ***** be ***********.

*** ******** **** ** ** ******** ********* *** **** ************, even **** * ***** ***** **** ****** *** ***** **** on *** ******** ***** ****** ***** * ********** ********* ** sanitize *** **** ***** ** ****.

**** **** **** ***** **** *** **** ****:

"** ******** ***** **** ******** ***** ** * ******** ******* release ****://******-***.****.***/***/********/****/*****/********/****************************.*** ** ******** ** *** *** ** ****** *** password ********* ***** ** *******. *** ******* ***** ***** **** it *** ****** *** ‘#’ ***** *** ** **** ******** ‘%’ ** * *** * ******* ******** **** **** *******."

****** ****** ***** **Axis ***** ***, **** ****** ***** ** ********* ***** **********.

**** "******* ****" *** ********? *** ********** ********** * *************, but ** ***** ***** ** ** ****** ****? *** ***** should ** **** ******* **** *** ******, ******* ** ******* Vulnerability" *** **** ******* **** *** ******, ******* ** ******* Hack

**** "******* ****" *** ********?

** ****** ********, * '****' ****** ***** * *** ** gaining ************ ******, *** ******* ********* *** ********* *****.

*** ***** ** **** ** *** **** ** *** *** report *** *** *******, *** *** *** ***** *** **** suggested *****.

*** ***** *** **** ******* ** ******* **** ****** **** particular ***.

****, ***, ** **** **** **** ** ****** *** ************* and **** **** **** ******* ***** ** *** **********'* **********. Report ** ****** *******.