Soumettre #467085: Provision-ISR SH-4050A-2, SH-4100A-2L(MM), SH-8100A-2L(MM), SH-16200A-2(1U), SH-16200A-5(1U) , NVR5-8200PX 1.2.6.0R0.B180303h.1.D00.U2(4A21S), 1.2.6.0R0.B180303h.1.D00.U2(4A21T), 1.2.6.0R0.B180303h.1.N0K.U2(8A218), 1.2.6.0R0.B180303h.1 Information Disclosinformation

TitreProvision-ISR SH-4050A-2, SH-4100A-2L(MM), SH-8100A-2L(MM), SH-16200A-2(1U), SH-16200A-5(1U) , NVR5-8200PX 1.2.6.0R0.B180303h.1.D00.U2(4A21S), 1.2.6.0R0.B180303h.1.D00.U2(4A21T), 1.2.6.0R0.B180303h.1.N0K.U2(8A218), 1.2.6.0R0.B180303h.1 Information Disclos
DescriptionA security vulnerability has been identified in multiple Provision-ISR DVR devices including SH-4050A-2, SH-4100A-2L(MM) and SH-8100A-2L(MM). This vulnerability allows unauthorized disclosure of sensitive device information due to insufficient access controls on the device's web server. An attacker could exploit this vulnerability to engage in further unauthorized activities, affecting over 182,000 devices on the Internet.
La source⚠️ https://netsecfish.notion.site/Sensitive-Device-Information-Disclosure-in-Provision-ISR-DVR-1626b683e67c803881befbc730a93bf6?pvs=4
Utilisateur
 netsecfish (UID 64568)
Soumission20/12/2024 13:05 (il y a 1 Année)
Modérer04/01/2025 09:57 (15 days later)
StatutAccepté
Entrée VulDB290203 [Provision-ISR SH-4050A-2 jusqu’à 20241220 /server.js divulgation d'information]
Points16

PrécédentAperçuSuivant

Do you want to use VulDB in your project?

Use the official API to access entries easily!