Submeter #316408: EZVIZ Camera model: CS-C6-21WFR-8, firmware: V5.2.7 build 170628 Improper Certificate Validationinformação

TítuloEZVIZ Camera model: CS-C6-21WFR-8, firmware: V5.2.7 build 170628 Improper Certificate Validation
DescriçãoThe camera fails to verify the cloud server certificate and the SSL/TLS connection can be decrypted with a man-in-the-middle attack. Furthermore, a phantom service attack is discovered based on the decrypted SSL/TLS connection.
Fonte⚠️ https://github.com/kzLiu2017/CVE_Document/blob/main/CVE_%20advisory_ezviz.pdf
Utilizador
 kaizheng (UID 67391)
Submissão15/04/2024 04h09 (há 2 anos)
Moderação23/04/2024 15h07 (8 days later)
EstadoAceite
Entrada VulDB261789 [EZVIZ CS-C6-21WFR-8 5.2.7 Build 170628 Davinci Application Autenticação fraca]
Pontos16

Do you know our Splunk app?

Download it now for free!