Submit #305410: Intelbras MHDX 1004, MHDX 1008, MHDX 1016, MHDX 5016, HDCVI 1008, HDCVI 1016 N/A Exposure of Sensitive Information to an Unauthorized Actorinfo

TitleIntelbras MHDX 1004, MHDX 1008, MHDX 1016, MHDX 5016, HDCVI 1008, HDCVI 1016 N/A Exposure of Sensitive Information to an Unauthorized Actor
DescriptionThe HTTP GET request to /cap.js on the server Intelbras DVR reveals several potentially sensitive pieces of information that are not properly protected or encrypted. The disclosed information includes device types, user information, streaming capabilities, network ports, and configurations which could be exploited by attackers to gain unauthorized access or conduct targeted attacks, affecting over 520,000 devices on the Internet.
Source⚠️ https://github.com/netsecfish/intelbras_cap_js
User netsecfish (UID 64568)
Submission03/27/2024 08:57 (2 years ago)
Moderation04/01/2024 22:25 (6 days later)
StatusAccepted
VulDB entry258933 [Intelbras HDCVI 1016 up to 20240401 HTTP GET Request /cap.js information disclosure]
Points19

Do you know our Splunk app?

Download it now for free!