GeoVision GV-ADR2701 Improper Authentication (CVE-2023-3638)

In GeoVision GV-ADR2701 cameras, an attacker could edit the login response to access the web application. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

CVE-2023-3638

In GeoVision GV-ADR2701 cameras, an attacker could edit the login response to access the web application...

Design/Logic Flaw

In GeoVision GV-ADR2701 cameras, an attacker could edit the login response to access the web application...

CVE-2023-3638

Summary: CVE-2023-3638 affects GeoVision GV-ADR2701 cameras. An attacker could edit the login response to gain access to the camera’s web application, enabling unauthorized login. The vulnerability is exploitable remotely with low attack complexity (CVSS v3.1: 9.8, high impact on confidentiality,...

PT-2023-3933 · Geovision · Geovision Gv-Adr2701

Name of the Vulnerable Software and Affected Versions: GeoVision GV-ADR2701 affected versions not specified Description: The issue is related to errors in the authentication procedure of the GeoVision GV-ADR2701 IP video surveillance system. An attacker could exploit this by editing the login...

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven Industrial Control Systems ICS advisories on July 18, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-199-01 Rockwell Automation Kinetix 5700 DC Bus Power Supply Series A ICSA-23-199-02...

GeoVision GV-ADR2701

1. EXECUTIVE SUMMARY ​CVSS v3 9.8 ​ATTENTION: Exploitable remotely/low attack complexity/public exploits are available ​Vendor: GeoVision ​Equipment: GV-ADR2701 ​Vulnerabilities: Improper Authentication 2. RISK EVALUATION ​Successful exploitation of this vulnerability could allow an attacker to...

GeoVision Camera GV-ADR2701 Authentication Bypass

Exploit Title: GeoVision Camera GV-ADR2701 - Authentication Bypass Device name: GV-ADR2701 Date: 26 December , 2020 Exploit Author: Chan Nyein Wai Vendor Homepage: https://www.geovision.com.tw/ Software Link: https://www.geovision.com.tw/download/product/ Firmware Version: V1.0020171215 Tested on...

GeoVision Camera GV-ADR2701 - Authentication Bypass

Exploit Title: GeoVision Camera GV-ADR2701 - Authentication Bypass Device name: GV-ADR2701 Date: 26 December , 2020 Exploit Author: Chan Nyein Wai Vendor Homepage: https://www.geovision.com.tw/ Software Link: https://www.geovision.com.tw/download/product/ Firmware Version: V1.0020171215 Tested on...

GeoVision Camera GV-ADR2701 - Authentication Bypass Vulnerability

Exploit Title: GeoVision Camera GV-ADR2701 - Authentication Bypass Device name: GV-ADR2701 Exploit Author: Chan Nyein Wai Vendor Homepage: https://www.geovision.com.tw/ Software Link: https://www.geovision.com.tw/download/product/ Firmware Version: V1.0020171215 Tested on: windows 10 Exploitation...