exploitDog

GHSA-hq75-6wcm-hc6g

Опубликовано: 18 июл. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.9

Описание

The web server of the E1 Zoom camera through 3.0.0.716 discloses its SSL private key via the root web server directory. In this way an attacker can download the entire key via the /self.key URI.

The web server of the E1 Zoom camera through 3.0.0.716 discloses its SSL private key via the root web server directory. In this way an attacker can download the entire key via the /self.key URI.

Ссылки

EPSS

Процентиль: 98%

0.59239

Средний

5.9 Medium

CVSS3

CVE ID

Дефекты

CWE-552

Связанные уязвимости

CVE-2021-40149

CVSS3: 5.9

nvd

больше 3 лет назад

The web server of the E1 Zoom camera through 3.0.0.716 discloses its SSL private key via the root web server directory. In this way an attacker can download the entire key via the /self.key URI.

EPSS

Процентиль: 98%

0.59239

Средний

5.9 Medium

CVSS3

CVE ID

Дефекты

CWE-552