PT-2022-8038 · Netwave · Netwave Ip Camera

Published

2022-06-10

Updated

2022-06-17

CVE-2018-17240

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Netwave IP camera devices (affected versions not specified)

Description The issue allows an unauthenticated attacker to exfiltrate sensitive information, such as username and password, from the network configuration of Netwave IP camera devices through a memory dump vulnerability at the /proc/kcore API endpoint.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

CVE-2018-17240

Affected Products

Netwave Ip Camera

PT-2022-8038 · Netwave · Netwave Ip Camera

CVE-2018-17240

Weakness Enumeration

Related Identifiers

Affected Products

References · 6