PT-2023-22555 · Assmann Digitus · Assmann Digitus Plug&View Ip Camera

Publicado

2023-08-04

Atualizado

2023-08-08

CVE-2023-30146

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Assmann Digitus Plug&View IP Camera HT-IP211HDP version 2.000.022 Assmann Digitus Plug&View IP Camera family (affected versions not specified, except for version 2.000.022)

Description The issue allows unauthenticated attackers to download a copy of the camera's settings and the administrator credentials.

Recommendations For version 2.000.022, consider restricting access to the camera's settings until a patch is available. For other versions in the Assmann Digitus Plug&View IP Camera family, at the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Correção

Cleartext Storage of Sensitive Information

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-312

Identificadores relacionados

CVE-2023-30146

Produtos afetados

Assmann Digitus Plug&View Ip Camera

PT-2023-22555 · Assmann Digitus · Assmann Digitus Plug&View Ip Camera

CVE-2023-30146

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5