CVE-2018-12669

Published: Oct 19, 2018Modified: Nov 21, 2024

8.8

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow remote authenticated users to reset arbitrary accounts via a request to web/cgi-bin/hi3510/param.cgi.

Affected (2)

Products: Sv3c: H.264 Poe Ip Camera Firmware

Sv3c

1 product

H.264 Poe Ip Camera Firmware

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sv3c H.264 Poe Ip Camera Firmware	Version v2.3.4.2103-s50-ntd-b20170508b

Configuration B

1 vulnerable · 3 platform

Vulnerable Software	Affected Versions
Sv3c H.264 Poe Ip Camera Firmware	Version v2.3.4.2103-s50-ntd-b20170823b

Running on/with	Platform Versions
Sv3c Sv B01poe 1080p L	All versions
Sv3c Sv B11vpoe 1080p L	All versions
Sv3c Sv D02poe 1080p L	All versions

References (2)

https://www.bishopfox.com/news/2018/10/sv3c-l-series-hd-camera-multiple-vulnerabilities/

Source: cve@mitre.org

ExploitThird Party Advisory

https://www.bishopfox.com/news/2018/10/sv3c-l-series-hd-camera-multiple-vulnerabilities/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.