exploitDog

CVE-2025-34066

Опубликовано: 01 июл. 2025

Источник: nvd

EPSS Низкий

Описание

An improper certificate validation vulnerability exists in AVTECH IP cameras, DVRs, and NVRs due to the use of wget with --no-check-certificate in scripts like SyncCloudAccount.sh and SyncPermit.sh. This exposes HTTPS communications to man-in-the-middle (MITM) attacks.

Ссылки

EPSS

Процентиль: 16%

0.00052

Низкий

Дефекты

CWE-295

Связанные уязвимости

GHSA-4cx5-3q2w-5wr7

github

7 месяцев назад

An improper certificate validation vulnerability exists in AVTECH IP cameras, DVRs, and NVRs due to the use of wget with --no-check-certificate in scripts like SyncCloudAccount.sh and SyncPermit.sh. This exposes HTTPS communications to man-in-the-middle (MITM) attacks.

EPSS

Процентиль: 16%

0.00052

Низкий

Дефекты

CWE-295