Описание
A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access to the live video stream.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.6.03 (включая)
Одновременно
cpe:2.3:o:zavio:f3105_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zavio:f3105:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 1.6.03 (включая)
Одновременно
cpe:2.3:o:zavio:f312a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zavio:f312a:-:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.68037
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
почти 4 года назад
A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access to the live video stream.
EPSS
Процентиль: 99%
0.68037
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-287