PT-2019-6845 · Capture+4 · Capture Cctv+4
Alejandro Ramos
+1
·
Published
2019-10-30
·
Updated
2019-11-05
·
CVE-2013-1391
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Hunt CCTV (affected versions not specified)
Capture CCTV (affected versions not specified)
Hachi CCTV (affected versions not specified)
NoVus CCTV (affected versions not specified)
Well-Vision Inc DVR systems (affected versions not specified)
Description
The issue allows a remote attacker to bypass authentication in the web interface of the affected systems, enabling them to retrieve the device configuration.
Recommendations
For Hunt CCTV, update to a version that addresses the authentication bypass issue.
For Capture CCTV, update to a version that addresses the authentication bypass issue.
For Hachi CCTV, update to a version that addresses the authentication bypass issue.
For NoVus CCTV, update to a version that addresses the authentication bypass issue.
For Well-Vision Inc DVR systems, update to a version that addresses the authentication bypass issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Capture Cctv
Hachi Cctv
Hunt Cctv
Novus Cctv
Well-Vision Inc Dvr Systems