PT-2017-3358 · Acti · Acti Cameras

Mandar Jadhav

Publicado

2017-01-20

Atualizado

2019-10-09

CVE-2017-3186

CVSS v2.0

Crítica

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC

Description The issue is related to the use of non-random default credentials across all devices. A remote attacker can take complete control of a device using default admin credentials. This allows an attacker to gain access to the device with admin rights.

Recommendations For ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC, change the default admin credentials to unique and strong passwords to prevent unauthorized access.

Correção

Using Hardcoded Credentials

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-798CWE-521

Identificadores relacionados

BDU:2018-00129

CVE-2017-3186

Produtos afetados

Acti Cameras

PT-2017-3358 · Acti · Acti Cameras

CVE-2017-3186

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7