PT-2017-6762 · Kguard · Kguard Digital Video Recorder

Published

2017-08-18

Updated

2018-10-09

CVE-2015-4464

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Kguard Digital Video Recorder versions 104, 108, v2

Description The issue concerns the lack of authorization or authentication between an ActiveX client and the application server.

Recommendations For versions 104, 108, and v2, consider implementing proper authentication mechanisms between the ActiveX client and the application server to mitigate the risk of unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2015-4464

Affected Products

Kguard Digital Video Recorder

PT-2017-6762 · Kguard · Kguard Digital Video Recorder

CVE-2015-4464

Weakness Enumeration

Related Identifiers

Affected Products

References · 5