CVE-2022-47070

2023-02-0300:00:00

mitre

www.cve.org

nvs365 v01

vulnerable

incorrect access control

wrong password

server

information security

0.002 Low

EPSS

Percentile

51.8%

JSON

NVS365 V01 is vulnerable to Incorrect Access Control. After entering a wrong password, the url will be sent to the server twice. In the second package, the server will return the correct password information.

References

github.com/Sylon001/NVS-365-Camera/tree/master/NVS365%20Network%20Video%20Server%20Password%20Information%20Unauthorized%20Access%20Vulnerability

github.com/Sylon001/NVS365/tree/main/NVS-365-V01%E6%91%84%E5%83%8F%E5%A4%B4%E6%9C%AA%E6%8E%88%E6%9D%83%E8%AE%BF%E9%97%AE%E5%AF%86%E7%A0%81

0.002 Low

EPSS

Percentile

51.8%

JSON

Related for CVELIST:CVE-2022-47070