| Title | Intelbras MHDX 1004, MHDX 1008, MHDX 1016, MHDX 5016, HDCVI 1008, HDCVI 1016 N/A Exposure of Sensitive Information to an Unauthorized Actor |
|---|
| Description | The HTTP GET request to /cap.js on the server Intelbras DVR reveals several potentially sensitive pieces of information that are not properly protected or encrypted. The disclosed information includes device types, user information, streaming capabilities, network ports, and configurations which could be exploited by attackers to gain unauthorized access or conduct targeted attacks, affecting over 520,000 devices on the Internet. |
|---|
| Source | ⚠️ https://github.com/netsecfish/intelbras_cap_js |
|---|
| User | netsecfish (UID 64568) |
|---|
| Submission | 03/27/2024 08:57 (2 years ago) |
|---|
| Moderation | 04/01/2024 22:25 (6 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 258933 [Intelbras HDCVI 1016 up to 20240401 HTTP GET Request /cap.js information disclosure] |
|---|
| Points | 19 |
|---|