Описание
An issue exists on NightOwl WDB-20-V2 WDB-20-V2_20190314 devices that allows an unauthenticated user to gain access to snapshots and video streams from the doorbell. The binary app offers a web server on port 80 that allows an unauthenticated user to take a snapshot from the doorbell camera via the /snapshot URI.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:nightowlsp:wdb-20_firmware:20190314:*:*:*:*:*:*:*
cpe:2.3:h:nightowlsp:wdb-20:v2:*:*:*:*:*:*:*
EPSS
Процентиль: 82%
0.017
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-306
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
An issue exists on NightOwl WDB-20-V2 WDB-20-V2_20190314 devices that allows an unauthenticated user to gain access to snapshots and video streams from the doorbell. The binary app offers a web server on port 80 that allows an unauthenticated user to take a snapshot from the doorbell camera via the /snapshot URI.
EPSS
Процентиль: 82%
0.017
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-306