PT-2023-25772 · Unknown · Cp-Plus Nvr

Arko Dhar

Publicado

2023-08-24

Atualizado

2024-10-02

CVE-2023-3705

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions CP-Plus NVR (affected versions not specified)

Description The issue exists due to improper input handling at the web-based management interface of the affected product. An unauthenticated remote attacker could exploit this by sending specially crafted HTTP requests to the vulnerable device. Successful exploitation could allow the remote attacker to obtain sensitive information on the targeted device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20CWE-200

Identificadores relacionados

CVE-2023-3705

Produtos afetados

Cp-Plus Nvr

PT-2023-25772 · Unknown · Cp-Plus Nvr

CVE-2023-3705

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4