PT-2019-7818 · Milesight · Milesight Ip Security Cameras
Publicado
2019-10-25
·
Atualizado
2019-10-29
·
CVE-2016-2358
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Milesight IP security cameras versions prior to 2016-11-14
Description
The issue concerns Milesight IP security cameras that have a default set of 10 privileged accounts with hardcoded credentials. These accounts are accessible if the customer has not configured 10 actual user accounts.
Recommendations
For Milesight IP security cameras versions prior to 2016-11-14, configure 10 actual user accounts to override the default privileged accounts with hardcoded credentials.
Exploit
Correção
Using Hardcoded Credentials
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Milesight Ip Security Cameras