Lucene search

[email protected]NVD:CVE-2024-31800

HistoryAug 15, 2024 - 5:15 p.m.

CVE-2024-31800

2024-08-1517:15:17

CWE-287

[email protected]

web.nvd.nist.gov

authentication bypass

gncc

indoor security camera

uart debugging port

physical access

command shell

CVSS3

6.8

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

22.3%

JSON

Authentication Bypass in GNCC’s GC2 Indoor Security Camera 1080P allows an attacker with physical access to gain a privileged command shell via the UART Debugging Port.

Affected configurations

Nvd

Node

gncchomegncc_c2_firmwareMatch-

AND

gncchome_gncc_c2Match-

VendorProductVersionCPE
gncchomegncc_c2_firmware-cpe:2.3:o:gncchome:gncc_c2_firmware:-:*:*:*:*:*:*:*
gncchome_gncc_c2-cpe:2.3:h:gncchome:_gncc_c2:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
gncchome	gncc_c2_firmware	-	cpe:2.3:o:gncchome:gncc_c2_firmware:-:::::::*
gncchome	_gncc_c2	-	cpe:2.3:h:gncchome:_gncc_c2:-:::::::*

References

gncchome.com/collections/indoor-camera/products/c2-indoor-security-camera-1080p

www.nsideattacklogic.de/advisories/NSIDE-SA-2024-001

CVSS3

6.8

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

22.3%

JSON

Related for NVD:CVE-2024-31800

cvelist1 vulnrichment1 cve1