Описание
Use of Hard-coded Credentials vulnerability in FortiRecorder all versions below 2.7.4 may allow an unauthenticated attacker with knowledge of the aforementioned credentials and network access to FortiCameras to take control of those, provided they are managed by a FortiRecorder device.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.7.4 (исключая)
Одновременно
cpe:2.3:o:fortinet:fortirecorder_firmware:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:fortinet:fortirecorder_100d:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortirecorder_200d:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortirecorder_400d:-:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01002
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-798
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
Use of Hard-coded Credentials vulnerability in FortiRecorder all versions below 2.7.4 may allow an unauthenticated attacker with knowledge of the aforementioned credentials and network access to FortiCameras to take control of those, provided they are managed by a FortiRecorder device.
EPSS
Процентиль: 77%
0.01002
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-798