Lucene search

[email protected]NVD:CVE-2024-31798

HistoryAug 15, 2024 - 5:15 p.m.

CVE-2024-31798

2024-08-1517:15:17

CWE-798

CWE-259

[email protected]

web.nvd.nist.gov

root password

hardcoded

security camera

physical access

CVSS3

6.8

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

22.3%

JSON

Identical Hardcoded Root Password for All Devices in GNCC’s GC2 Indoor Security Camera 1080P allows an attacker with physical access to retrieve the root password for all similar devices

Affected configurations

Nvd

Node

gncchomegncc_c2_firmwareMatch-

AND

gncchome_gncc_c2Match-

VendorProductVersionCPE
gncchomegncc_c2_firmware-cpe:2.3:o:gncchome:gncc_c2_firmware:-:*:*:*:*:*:*:*
gncchome_gncc_c2-cpe:2.3:h:gncchome:_gncc_c2:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
gncchome	gncc_c2_firmware	-	cpe:2.3:o:gncchome:gncc_c2_firmware:-:::::::*
gncchome	_gncc_c2	-	cpe:2.3:h:gncchome:_gncc_c2:-:::::::*

References

gncchome.com/collections/indoor-camera/products/c2-indoor-security-camera-1080p

www.nsideattacklogic.de/advisories/NSIDE-SA-2024-001

CVSS3

6.8

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

22.3%

JSON

Related for NVD:CVE-2024-31798

vulnrichment1 cve1 cvelist1