PT-2018-11323 · Sv3C · Sv3C Hd Camera
Published
2018-10-19
·
Updated
2019-01-11
·
CVE-2018-12672
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
SV3C HD Camera version L-SERIES V2.3.4.2103-S50-NTD-B20170508B
Description
The issue concerns a lack of proper validation on user-supplied input, making the camera susceptible to cross-site scripting attacks. This could potentially allow actions to be performed on behalf of another user or the administrator if proper authorization was in place.
Recommendations
For version L-SERIES V2.3.4.2103-S50-NTD-B20170508B, consider implementing proper input validation to prevent cross-site scripting attacks. As a temporary workaround, restrict access to the camera's web interface to minimize the risk of exploitation.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sv3C Hd Camera