PT-2024-31461 · Za Internet · C-Mor

Chris Beiter +2 · Published 2024-09-04 · Updated 2024-09-05 · CVE-2024-45177

CVSS v3.1: 5.4 Medium
Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: za-internet C-MOR Video Surveillance versions 5.2401 through 6.00PL01
Description: The issue is related to improper input validation in the C-MOR web interface, making it vulnerable to persistent cross-site scripting (XSS) attacks. This allows an attacker to inject malicious scripts remotely. The camera configuration is specifically vulnerable due to insufficient user input validation.
Recommendations: For versions 5.2401 and 6.00PL01, update the system with a patch as soon as possible and validate input/output to mitigate the risk. As a temporary workaround, consider restricting access to the C-MOR web interface until a patch is available.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers: CVE-2024-45177

Affected Products: C-Mor