exploitDog

CVE-2025-1739

Опубликовано: 27 фев. 2025

Источник: nvd

CVSS3: 7.1

EPSS Низкий

Описание

An Authentication Bypass vulnerability has been found in Trivision Camera NC227WF v5.8.0 from TrivisionSecurity. This vulnerability allows an attacker to retrieve administrator's credentials in cleartext by sending a request against the server using curl with random credentials to "/en/player/activex_pal.asp" and successfully authenticating the application.

Ссылки

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-trivision-camera-nc227wf

EPSS

Процентиль: 21%

0.0007

Низкий

7.1 High

CVSS3

Дефекты

CWE-288

Связанные уязвимости

GHSA-2g33-qx57-xxxh

CVSS3: 7.1

github

11 месяцев назад

An Authentication Bypass vulnerability has been found in Trivision Camera NC227WF v5.8.0 from TrivisionSecurity. This vulnerability allows an attacker to retrieve administrator's credentials in cleartext by sending a request against the server using curl with random credentials to "/en/player/activex_pal.asp" and successfully authenticating the application.

EPSS

Процентиль: 21%

0.0007

Низкий

7.1 High

CVSS3

Дефекты

CWE-288