PT-2018-11322 · Sv3C · Sv3C Hd Camera

Published

2018-10-19

Updated

2019-01-11

CVE-2018-12671

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions SV3C HD Camera versions V2.3.4.2103-S50-NTD-B20170508B through V2.3.4.2103-S50-NTD-B20170823B

Description The issue allows an attacker with remote access to the camera's web interface to disclose information about the camera, including all password sets. This disclosed information can then be used to gain access to the web interface.

Recommendations For versions V2.3.4.2103-S50-NTD-B20170508B through V2.3.4.2103-S50-NTD-B20170823B, consider restricting access to the web interface until a fix is available. As a temporary workaround, avoid using the default password sets and consider changing them to stronger, unique passwords. Restrict remote access to the camera's web interface to minimize the risk of exploitation.

Exploit

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2018-12671

Affected Products

Sv3C Hd Camera

PT-2018-11322 · Sv3C · Sv3C Hd Camera

CVE-2018-12671

Weakness Enumeration

Related Identifiers

Affected Products

References · 3