Описание
An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr() function allows unauthenticated access to any request containing "/nobody" in the URL, bypassing login controls.
Ссылки
EPSS
Процентиль: 29%
0.00107
Низкий
Дефекты
CWE-290
Связанные уязвимости
github
7 месяцев назад
An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr() function allows unauthenticated access to any request containing "/nobody" in the URL, bypassing login controls.
EPSS
Процентиль: 29%
0.00107
Низкий
Дефекты
CWE-290