3 matches found
EUVD-2020-30822
ACE SECURITY WIP-90113 HD cameras contain an unauthenticated configuration disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint permits remote download of a compressed configuration backup without requiring authentication or authorization. The exposed backup may...
CVE-2020-36871
Summary: CVE-2020-36871 affects ESCAM QD-900 WIFI HD cameras. An unauthenticated GET/download on /web/cgi-bin/hi3510/backup.cgi allows remote retrieval of a compressed configuration backup, which can contain administrative credentials and other sensitive device settings. This information disclosu...
CVE-2020-36874 ACE SECURITY WIP-90113 Unauthenticated Configuration Disclosure
ACE SECURITY WIP-90113 HD cameras contain an unauthenticated configuration disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint permits remote download of a compressed configuration backup without requiring authentication or authorization. The exposed backup may...