Arteco Web Client DVR/NVR Session Hijacking Vulnerability

The session identifier used by Arteco Web Client DVR/NVR is of an insufficient length and can be brute forced, allowing a remote attacker to obtain a valid session, bypass authentication, and disclose the live camera stream. !/usr/bin/env python3 Arteco Web Client DVR/NVR 'SessionId' Cookie Brute...

Best Practices for deploying PVS in multi-geo environments

In scenarios where companies have a Global presence with multiple geographical locations, it is sometimes desirable to have a Provisioning Services Farm that spans multiple locations across the globe. PVS requires a constant andreliable connection to the SQL database. If there's a delay in...