CVE-2020-11680
Castel NextGen DVR v1.0.0 is affected by an authorization bypass vulnerability where requests are not checked for admin privileges, enabling a normal user to perform admin actions such as creating/modifying the file store, alerts, and users. Root cause: missing admin verification on administrator...