提出 #467085: Provision-ISR SH-4050A-2, SH-4100A-2L(MM), SH-8100A-2L(MM), SH-16200A-2(1U), SH-16200A-5(1U) , NVR5-8200PX 1.2.6.0R0.B180303h.1.D00.U2(4A21S), 1.2.6.0R0.B180303h.1.D00.U2(4A21T), 1.2.6.0R0.B180303h.1.N0K.U2(8A218), 1.2.6.0R0.B180303h.1 Information Disclos情報

タイトルProvision-ISR SH-4050A-2, SH-4100A-2L(MM), SH-8100A-2L(MM), SH-16200A-2(1U), SH-16200A-5(1U) , NVR5-8200PX 1.2.6.0R0.B180303h.1.D00.U2(4A21S), 1.2.6.0R0.B180303h.1.D00.U2(4A21T), 1.2.6.0R0.B180303h.1.N0K.U2(8A218), 1.2.6.0R0.B180303h.1 Information Disclos
説明A security vulnerability has been identified in multiple Provision-ISR DVR devices including SH-4050A-2, SH-4100A-2L(MM) and SH-8100A-2L(MM). This vulnerability allows unauthorized disclosure of sensitive device information due to insufficient access controls on the device's web server. An attacker could exploit this vulnerability to engage in further unauthorized activities, affecting over 182,000 devices on the Internet.
ソース⚠️ https://netsecfish.notion.site/Sensitive-Device-Information-Disclosure-in-Provision-ISR-DVR-1626b683e67c803881befbc730a93bf6?pvs=4
ユーザー
 netsecfish (UID 64568)
送信2024年12月20日 13:05 (1 年 ago)
モデレーション2025年01月04日 09:57 (15 days later)
ステータス承諾済み
VulDBエントリ290203 [Provision-ISR SH-4050A-2 迄 20241220 /server.js 情報漏えい]
ポイント16

概要

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!