CVE-2019-12919

Опубликовано: 20 июн. 2019

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices, an attacker on the local network has unauthenticated access to the internal SD card via the HTTP service on port 8000. The HTTP web server on the camera allows anyone to view or download the video archive recorded and saved on the external memory card attached to the device.

Ссылки

https://www.exploit-db.com/exploits/46993
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/46993
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:cylan:clever_dog_smart_camera_panorama_dog-2w_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cylan:clever_dog_smart_camera_panorama_dog-2w:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:cylan:clever_dog_smart_camera_plus_dog-2w-v4_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cylan:clever_dog_smart_camera_plus_dog-2w-v4:-:*:*:*:*:*:*:*

EPSS

Процентиль: 22%

0.00074

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-306

Связанные уязвимости

GHSA-qjmc-8jwp-c49h

github

больше 3 лет назад