PT-2017-6762 · Kguard · Kguard Digital Video Recorder

Publicado

2017-08-18

Atualizado

2018-10-09

CVE-2015-4464

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Kguard Digital Video Recorder versions 104, 108, v2

Description The issue concerns the lack of authorization or authentication between an ActiveX client and the application server.

Recommendations For versions 104, 108, and v2, consider implementing proper authentication mechanisms between the ActiveX client and the application server to mitigate the risk of unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287

Identificadores relacionados

CVE-2015-4464

Produtos afetados

Kguard Digital Video Recorder

PT-2017-6762 · Kguard · Kguard Digital Video Recorder

CVE-2015-4464

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5