CVE-2018-12675

Name of the Vulnerable Software and Affected Versions SV3C HD Camera versions V2.3.4.2103-S50-NTD-B20170508B through V2.3.4.2103-S50-NTD-B20170823B

Description The issue concerns the camera's web interface, which does not perform origin checks on URLs that it redirects users to. This can be exploited to redirect a user to an unexpected endpoint, potentially leading to unintended consequences.

Recommendations For versions V2.3.4.2103-S50-NTD-B20170508B through V2.3.4.2103-S50-NTD-B20170823B, consider restricting access to the web interface until a fix is available, and avoid using the camera's web interface to access external URLs. At the moment, there is no information about a newer version that contains a fix for this vulnerability.