Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
CastelNextgen Dvr Firmware

2 matches found

CVE
CVEadded 2020/06/04 7:15 p.m.55 views

CVE-2020-11681

Castel NextGen DVR v1.0.0 stores and displays credentials for the associated SMTP server in cleartext. Low privileged users can exploit this to create an administrator user and obtain the SMTP credentials.

8.1CVSS7.9AI score0.00258EPSS
CVE
CVEadded 2020/06/04 7:15 p.m.49 views

CVE-2020-11679

Castel NextGen DVR v1.0.0 is vulnerable to privilege escalation through the Adminstrator/Users/Edit/:UserId functionality. Adminstrator/Users/Edit/:UserId fails to check that the request was submitted by an Administrator. This allows a normal user to escalate their privileges by adding additional r...

8.8CVSS8.9AI score0.00143EPSS
Web