PT-2018-1034 · Master · Master Ipcamera01

Daniele Linguaglossa

Publicado

2018-01-15

Atualizado

2018-02-05

CVE-2018-5723

CVSS v3.1

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions MASTER IPCAMERA01 version 3.3.4.2103

Description The issue is related to the use of hardcoded credentials in the device's software. Specifically, the root account has a hardcoded password of cat1029. This could allow a remote attacker to gain access to the device with root privileges.

Recommendations For MASTER IPCAMERA01 version 3.3.4.2103, consider changing the root account password to a unique and strong password as soon as possible to mitigate the risk of exploitation. As a temporary workaround, restrict access to the device to minimize the risk of unauthorized access until a more permanent solution is available.

Exploit

Correção

Using Hardcoded Credentials

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-798

Identificadores relacionados

BDU:2018-00333

CVE-2018-5723

Produtos afetados

Master Ipcamera01

PT-2018-1034 · Master · Master Ipcamera01

CVE-2018-5723

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6