PT-2018-1034 · Master · Master Ipcamera01

Daniele Linguaglossa

Published

2018-01-15

Updated

2018-02-05

CVE-2018-5723

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions MASTER IPCAMERA01 version 3.3.4.2103

Description The issue is related to the use of hardcoded credentials in the device's software. Specifically, the root account has a hardcoded password of cat1029. This could allow a remote attacker to gain access to the device with root privileges.

Recommendations For MASTER IPCAMERA01 version 3.3.4.2103, consider changing the root account password to a unique and strong password as soon as possible to mitigate the risk of exploitation. As a temporary workaround, restrict access to the device to minimize the risk of unauthorized access until a more permanent solution is available.

Exploit

Fix

Using Hardcoded Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-798

Related Identifiers

BDU:2018-00333

CVE-2018-5723

Affected Products

Master Ipcamera01

PT-2018-1034 · Master · Master Ipcamera01

CVE-2018-5723

Weakness Enumeration

Related Identifiers

Affected Products

References · 6