CVE-2010-4232

Name of the Vulnerable Software and Affected Versions Camtron CMNC-200 Full HD IP Camera version 1.102A-008 TecVoz CMNC-200 Megapixel IP Camera version 1.102A-008

Description The issue concerns the web-based administration interface, which allows remote attackers to bypass authentication. This can be achieved by prefixing a URI with // (slash slash), as demonstrated by the //system.html URI.

Recommendations For Camtron CMNC-200 Full HD IP Camera version 1.102A-008, consider restricting access to the web-based administration interface until a fix is available. For TecVoz CMNC-200 Megapixel IP Camera version 1.102A-008, avoid using URIs that start with // (slash slash) in the administration interface until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.