CVE-2018-10770
download.rsp on ShenZhen Anni "5 in 1 XVR" devices allows remote attackers to download the configuration (without a login) to discover the password.
9.8CVSS
9.3AI Score
0.017EPSS