| Название | CPPLUS CP_Plus_Wi-Fi_camera 1.0 Privilege Escalation |
|---|
| Описание | I would like to bring to your attention a critical security vulnerability discovered during our recent assessment of the CP_Plus_Wi-Fi_Camera product. Through our testing, we identified a privilege escalation vulnerability that poses a significant risk to the security integrity of the device.
The vulnerability allows a user with ordinary user-level privileges to exploit the system, enabling them to delete other users irrespective of their privilege level (Administrator, Operator, or User). This means that an attacker could potentially gain unauthorized access and manipulate user accounts, compromising the confidentiality, integrity, and availability of the device's functionalities and data.
Our testing methodology included the use of the ODM (Onvif Device Manager) tool, which facilitated the identification and exploitation of this vulnerability. By leveraging the capabilities of the ODM tool, we were able to simulate real-world scenarios and demonstrate the potential impact of the exploit. |
|---|
| Источник | ⚠️ https://drive.google.com/file/d/1-Fz3G5HQZxBNgeXjPfIR1bEeC_qAegWD/view?usp=sharing |
|---|
| Пользователь | faiyazahmad (UID 60242) |
|---|
| Представление | 01.04.2024 13:26 (2 лет назад) |
|---|
| Модерация | 07.04.2024 08:36 (6 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 259615 [CP Plus Wi-Fi Camera до 20240401 User Management эскалация привилегий] |
|---|
| Баллы | 20 |
|---|