Описание
Tiandy IP cameras 5.56.17.120 do not properly restrict a certain proprietary protocol, which allows remote attackers to read settings via a crafted request to TCP port 3001, as demonstrated by config* files and extendword.txt.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:tiandy:tiandy_ip_camera_firmware:5.56.17.120:*:*:*:*:*:*:*
cpe:2.3:h:tiandy:tiandy_ip_camera:-:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04438
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
Tiandy IP cameras 5.56.17.120 do not properly restrict a certain proprietary protocol, which allows remote attackers to read settings via a crafted request to TCP port 3001, as demonstrated by config* files and extendword.txt.
EPSS
Процентиль: 89%
0.04438
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200