[原文]PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to determine the existence of files via an HTTP request with a full pathname, which produces different messages whether the file exists or not.
Active WebCam Error Message File Existence Enumeration
Remote / Network Access
Loss of Confidentiality
Active WebCam contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when issuing a specially crafted URL, which causes the application to return an error message whether the file exists on the system or not resulting in a loss of confidentiality.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.