PT-2024-36789 · Longse · Longse Nvr
Adam Zambrzycki
·
Published
2024-07-09
·
Updated
2024-08-01
·
CVE-2024-5632
CVSS v4.0
5.3
Medium
| Vector | AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Longse NVR (Network Video Recorder) model NVR3608PGE2W, as well as products based on this device (affected versions not specified)
Description
The issue concerns the creation of a WiFi network with a default password by the Longse NVR model NVR3608PGE2W and products based on this device. Users are neither advised to change the default password during the installation process nor is the need to change it described in the manual. As a result, it is likely that the default password remains unchanged, especially since cameras from the same kit connect automatically.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Longse Nvr