Lucene search

PRIOn knowledge basePRION:CVE-2010-4232

HistoryNov 17, 2010 - 1:00 a.m.

Authentication flaw

2010-11-1701:00:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.029 Low

EPSS

Percentile

90.5%

JSON

The web-based administration interface on the Camtron CMNC-200 Full HD IP Camera and TecVoz CMNC-200 Megapixel IP Camera with firmware 1.102A-008 allows remote attackers to bypass authentication via a // (slash slash) at the beginning of a URI, as demonstrated by the //system.html URI.

CPENameOperatorVersion
cmnc-200_firmwareeq1.102.978
cmnc-200_firmwareeq1.102.978

CPE	Name	Operator	Version
	cmnc-200_firmware	eq	1.102.978
	cmnc-200_firmware	eq	1.102.978

References

www.securityfocus.com/archive/1/514753/100/0/threaded

www.exploit-db.com/exploits/15506

www.trustwave.com/spiderlabs/advisories/TWSL2010-006.txt

7.4 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.029 Low

EPSS

Percentile

90.5%

JSON

Related for PRION:CVE-2010-4232