Submit #467085: Provision-ISR SH-4050A-2, SH-4100A-2L(MM), SH-8100A-2L(MM), SH-16200A-2(1U), SH-16200A-5(1U) , NVR5-8200PX 1.2.6.0R0.B180303h.1.D00.U2(4A21S), 1.2.6.0R0.B180303h.1.D00.U2(4A21T), 1.2.6.0R0.B180303h.1.N0K.U2(8A218), 1.2.6.0R0.B180303h.1 Information Disclosinfo

TitelProvision-ISR SH-4050A-2, SH-4100A-2L(MM), SH-8100A-2L(MM), SH-16200A-2(1U), SH-16200A-5(1U) , NVR5-8200PX 1.2.6.0R0.B180303h.1.D00.U2(4A21S), 1.2.6.0R0.B180303h.1.D00.U2(4A21T), 1.2.6.0R0.B180303h.1.N0K.U2(8A218), 1.2.6.0R0.B180303h.1 Information Disclos
BeschreibungA security vulnerability has been identified in multiple Provision-ISR DVR devices including SH-4050A-2, SH-4100A-2L(MM) and SH-8100A-2L(MM). This vulnerability allows unauthorized disclosure of sensitive device information due to insufficient access controls on the device's web server. An attacker could exploit this vulnerability to engage in further unauthorized activities, affecting over 182,000 devices on the Internet.
Quelle⚠️ https://netsecfish.notion.site/Sensitive-Device-Information-Disclosure-in-Provision-ISR-DVR-1626b683e67c803881befbc730a93bf6?pvs=4
Benutzer
 netsecfish (UID 64568)
Einreichung20.12.2024 13:05 (vor 1 Jahr)
Moderieren04.01.2025 09:57 (15 days later)
StatusAkzeptiert
VulDB Eintrag290203 [Provision-ISR SH-4050A-2 bis 20241220 /server.js Information Disclosure]
Punkte16

ZurückÜbersichtWeiter

Do you know our Splunk app?

Download it now for free!