Описание
iSeeQ Hybrid DVR WH-H4 1.03R contains an unauthenticated vulnerability in the get_jpeg script that allows unauthorized access to live video streams. Attackers can retrieve video snapshots from specific camera channels by sending requests to the /cgi-bin/get_jpeg endpoint without authentication.
EPSS
Процентиль: 29%
0.00106
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-306
Связанные уязвимости
CVSS3: 9.8
github
около 1 месяца назад
iSeeQ Hybrid DVR WH-H4 1.03R contains an unauthenticated vulnerability in the get_jpeg script that allows unauthorized access to live video streams. Attackers can retrieve video snapshots from specific camera channels by sending requests to the /cgi-bin/get_jpeg endpoint without authentication.
EPSS
Процентиль: 29%
0.00106
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-306