← Back

CVE-2022-34138

nvd nist
Published: Feb 3, 2023Modified: Mar 26, 2025

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

Insecure direct object references (IDOR) in the web server of Biltema IP and Baby Camera Software v124 allows attackers to access sensitive information.

Affected (2)

Biltema
2 products
Baby Camera Firmware
Ip Camera Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Baby Camera Firmware
Version 124
Running on/withPlatform Versions
Biltema
Baby Camera
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ip Camera Firmware
Version 124
Running on/withPlatform Versions
Biltema
Ip Camera
All versions

Related CWEs

CWE-639
Authorization Bypass Through User-Controlled Key
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

References (4)

Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.