PT-2021-22887 · Compro · Compro Ip70+3

Published

2021-09-01

Updated

2022-07-12

CVE-2021-40381

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Compro IP70 version 2.08 7130218 Compro IP570 version 2.08 7130520 Compro IP60 (affected versions not specified) Compro TN540 (affected versions not specified)

Description An issue was discovered that allows video access through the "index MJpeg.cgi" endpoint.

Recommendations For Compro IP70 version 2.08 7130218, consider restricting access to the "index MJpeg.cgi" endpoint until a fix is available. For Compro IP570 version 2.08 7130520, consider restricting access to the "index MJpeg.cgi" endpoint until a fix is available. For Compro IP60, at the moment, there is no information about a newer version that contains a fix for this issue. For Compro TN540, at the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-40381

Affected Products

Compro Ip570

Compro Ip60

Compro Ip70

Compro Tn540

PT-2021-22887 · Compro · Compro Ip70+3

CVE-2021-40381

Related Identifiers

Affected Products

References · 5