| Title | CPPLUS CP_Plus_Wi-Fi_camera 1.0 Privilege Escalation |
|---|
| Description | I would like to bring to your attention a critical security vulnerability discovered during our recent assessment of the CP_Plus_Wi-Fi_Camera product. Through our testing, we identified a privilege escalation vulnerability that poses a significant risk to the security integrity of the device.
The vulnerability allows a user with ordinary user-level privileges to exploit the system, enabling them to delete other users irrespective of their privilege level (Administrator, Operator, or User). This means that an attacker could potentially gain unauthorized access and manipulate user accounts, compromising the confidentiality, integrity, and availability of the device's functionalities and data.
Our testing methodology included the use of the ODM (Onvif Device Manager) tool, which facilitated the identification and exploitation of this vulnerability. By leveraging the capabilities of the ODM tool, we were able to simulate real-world scenarios and demonstrate the potential impact of the exploit. |
|---|
| Source | ⚠️ https://drive.google.com/file/d/1-Fz3G5HQZxBNgeXjPfIR1bEeC_qAegWD/view?usp=sharing |
|---|
| User | faiyazahmad (UID 60242) |
|---|
| Submission | 04/01/2024 13:26 (2 years ago) |
|---|
| Moderation | 04/07/2024 08:36 (6 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 259615 [CP Plus Wi-Fi Camera up to 20240401 User Management improper authorization] |
|---|
| Points | 20 |
|---|