CVE-2017-11510

2017-11-1000:00:00

CWE-200

tenable

www.cve.org

AI Score

9.5

Confidence

High

EPSS

0.01

Percentile

83.8%

JSON

An information leak exists in Wanscam’s HW0021 network camera that allows an unauthenticated remote attacker to recover the administrator username and password via an ONVIF GetSnapshotUri request.

CNA Affected

[
  {
    "product": "Wanscam HW0021",
    "vendor": "Wanscam",
    "versions": [
      {
        "status": "affected",
        "version": "11.6.5.1.1-20161213"
      }
    ]
  }
]

References

www.tenable.com/security/research/tra-2017-33