PT-2018-5326 · Wanscam · Wanscam Hw0021
Publicado
2018-03-28
·
Atualizado
2019-10-09
·
CVE-2017-11510
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Wanscam HW0021 network camera (affected versions not specified)
Description
An information leak exists that allows an unauthenticated remote attacker to recover the administrator username and password via an ONVIF "GetSnapshotUri" request.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Insufficiently Protected Credentials
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Wanscam Hw0021