Описание
On Jooan IP Camera A5 2.3.36 devices, an insecure FTP server does not require authentication, which allows remote attackers to read or replace core system files including those used for authentication (such as passwd and shadow). This can be abused to take full root level control of the device.
Ссылки
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Одновременно
EPSS
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
Связанные уязвимости
On Jooan IP Camera A5 2.3.36 devices, an insecure FTP server does not require authentication, which allows remote attackers to read or replace core system files including those used for authentication (such as passwd and shadow). This can be abused to take full root level control of the device.
Уязвимость FTP-сервера микропрограммного обеспечения IP-камеры Jooan A5 IP Camera, позволяющая нурушителю получить доступ к устройству с привилегиями root
EPSS
9.8 Critical
CVSS3
10 Critical
CVSS2