Описание
Lack of an authentication mechanism in KERUI Wifi Endoscope Camera (YPC99) allows an attacker to watch or block the camera stream. The RTSP server on port 7070 accepts the command STOP to stop streaming, and the command SETSSID to disconnect a user.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:keruigroup:ypc99_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:keruigroup:ypc99:-:*:*:*:*:*:*:*
EPSS
Процентиль: 44%
0.00217
Низкий
6.5 Medium
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
Lack of an authentication mechanism in KERUI Wifi Endoscope Camera (YPC99) allows an attacker to watch or block the camera stream. The RTSP server on port 7070 accepts the command STOP to stop streaming, and the command SETSSID to disconnect a user.
EPSS
Процентиль: 44%
0.00217
Низкий
6.5 Medium
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-20