CVE-2018-5724

Name of the Vulnerable Software and Affected Versions MASTER IPCAMERA01 version 3.3.4.2103

Description The issue is related to unauthenticated configuration download and upload in the MASTER IPCAMERA01 device. This can be exploited through the restore.cgi endpoint, allowing a remote attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations For MASTER IPCAMERA01 version 3.3.4.2103, as a temporary workaround, consider restricting access to the restore.cgi endpoint until a patch is available. Additionally, limit configuration downloads and uploads to authorized personnel only. At the moment, there is no information about a newer version that contains a fix for this vulnerability.