PT-2017-3358 · Acti · Acti Cameras

Mandar Jadhav

Published

2017-01-20

Updated

2019-10-09

CVE-2017-3186

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC

Description The issue is related to the use of non-random default credentials across all devices. A remote attacker can take complete control of a device using default admin credentials. This allows an attacker to gain access to the device with admin rights.

Recommendations For ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC, change the default admin credentials to unique and strong passwords to prevent unauthorized access.

Fix

Using Hardcoded Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-798CWE-521

Related Identifiers

BDU:2018-00129

CVE-2017-3186

Affected Products

Acti Cameras

PT-2017-3358 · Acti · Acti Cameras

CVE-2017-3186

Weakness Enumeration

Related Identifiers

Affected Products

References · 7