PT-2024-24147 · Intelbras · Intelbras Hdcvi 1008+5

Netsecfish · Published 2024-04-02 · Updated 2024-08-01 · CVE-2024-3160

CVSS v2.0: 5.0 Medium

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Intelbras MHDX 1004 versions up to 20240401
Intelbras MHDX 1008 versions up to 20240401
Intelbras MHDX 1016 versions up to 20240401
Intelbras MHDX 5016 versions up to 20240401
Intelbras HDCVI 1008 versions up to 20240401
Intelbras HDCVI 1016 versions up to 20240401

Description

A vulnerability was found in the HTTP GET Request Handler component, affecting an unknown part of the file /cap.js. Manipulating requests to this file leads to information disclosure, and the attack can be initiated remotely. The existence of this vulnerability is still disputed: the vendor explains that it does not classify the information shown as sensitive and therefore sees no vulnerability that would harm the user.

Recommendations

For each affected product (Intelbras MHDX 1004, MHDX 1008, MHDX 1016, MHDX 5016, HDCVI 1008 and HDCVI 1016, versions up to 20240401), review logs and apply strict firewall rules to minimize the risk of exploitation. As a temporary workaround, consider restricting access to the /cap.js file until the issue is resolved.
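
An added example of the log review recommended above (not code from this advisory or from the vendor): it scans access logs for GET requests to /cap.js that come from outside an allowed management network. It assumes a reverse proxy writing combined-format logs sits in front of the recorder; the 192.0.2.0/24 management subnet and the sample lines are constructed.

```python
import ipaddress
import posixpath
import re
from urllib.parse import unquote

# Assumption: only this management network should reach the recorder's web UI.
ALLOWED_NETS = [ipaddress.ip_network("192.0.2.0/24")]
WATCHED_PATH = "/cap.js"  # file named in the advisory

# Combined log format: ip ident user [time] "METHOD target PROTO" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def normalized_path(target):
    """Drop query/fragment, percent-decode and collapse the path before comparing."""
    path = unquote(target.split("?", 1)[0].split("#", 1)[0])
    # Lower-casing is a conservative choice: over-reporting is cheaper than a miss.
    return posixpath.normpath("/" + path.lstrip("/")).lower()

def is_external(ip_text):
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:  # unparseable source field: report it rather than skip it
        return True
    return not any(ip in net for net in ALLOWED_NETS)

def find_cap_js_requests(lines):
    """Return (timestamp, ip, status, target) for GETs to /cap.js from outside ALLOWED_NETS."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "GET":  # the advisory concerns the GET handler
            continue
        if normalized_path(m["target"]) == WATCHED_PATH and is_external(m["ip"]):
            hits.append((m["ts"], m["ip"], int(m["status"]), m["target"]))
    return hits

# Constructed sample lines using documentation address ranges, not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [02/Apr/2024:10:00:01 +0000] "GET /cap.js HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [02/Apr/2024:10:03:44 +0000] "GET /cap.js?_=1712052224 HTTP/1.1" 200 512 "-" "curl/8.5.0"',
    '203.0.113.25 - - [02/Apr/2024:10:05:12 +0000] "GET /%63ap.js HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.25 - - [02/Apr/2024:10:05:13 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "-"',
    '198.51.100.7 - - [02/Apr/2024:10:06:00 +0000] "POST /cap.js HTTP/1.1" 405 0 "-" "-"',
]
if __name__ == "__main__":
    for ts, ip, status, target in find_cap_js_requests(SAMPLE_LOG):
        print(f"{ts} {ip} -> {target} (HTTP {status})")
```

Hits with a 200 status from addresses outside the management network show that the firewall rule or /cap.js access restriction is not yet in effect for that path.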

Exploit

Fix

Information Disclosure


Weakness Enumeration

Related Identifiers

CVE-2024-3160

Affected Products

Intelbras Hdcvi 1008
Intelbras Hdcvi 1016
Intelbras Mhdx 1004
Intelbras Mhdx 1008
Intelbras Mhdx 1016
Intelbras Mhdx 5016