Lucene search

[email protected]CVE-2017-11633

HistoryFeb 26, 2018 - 10:29 p.m.

CVE-2017-11633

2018-02-2622:29:00

[email protected]

web.nvd.nist.gov

wireless ip camera

360 devices

issue

remote attackers

rtsp credentials

tcp port 9527

security vulnerability

cve-2017-11633

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.6

Confidence

High

EPSS

0.008

Percentile

81.8%

JSON

An issue was discovered on Wireless IP Camera 360 devices. Remote attackers can discover RTSP credentials by connecting to TCP port 9527 and reading the InsertConnect field.

Affected configurations

NVD

Node

-wireless_ip_camera_360Match-

VendorProductVersionCPE
-wireless_ip_camera_360-cpe:/h:-:wireless_ip_camera_360:-:::

Vendor	Product	Version	CPE
-	wireless_ip_camera_360	-	cpe:/h:-:wireless_ip_camera_360:-:::

References

github.com/eloygn/IT_Security_Research_WirelessIP_camera_family

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.6

Confidence

High

EPSS

0.008

Percentile

81.8%

JSON

Related for CVE-2017-11633

cvelist1 nvd1 prion1