CVE-2015-4464 Insufficient Authorization Checks Request Handling Remote Authentication Bypass for Kguard Digital Video Recorders

2015-06-29T00:00:00
ID SECURITYVULNS:DOC:32251
Type securityvulns
Reporter Securityvulns
Modified 2015-06-29T00:00:00

Description

CVEID: CVE-2015-4464

SUBJECT: Insufficient Authorization Checks Request Handling Remote Authentication Bypass for Kguard Digital Video Recorders

DESCRIPTION: A deficiency in handling authentication and authorization has been found with Kguard 104/108/v2 models. While password-based authentication is used by the ActiveX component to protect the login page, all the communication to the application server at port 9000 allows data to be communicated directly with insufficient or improper authorization.

CVSS Base Score: 9.7 CVSS Temporal Score: 8.3 CVSS Environmental Score: Undefined CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:P/E:F/RL:U/RC:UR)

Affected Products and Versions

Kguard Digital Video Recorders: KG-SHA104/KG-SHA108/v2. Other variants that runs the same firmware from Zhuhai Raysharp Technology Co Ltd, are believed to be vulnerable.

Exploit / Proof of Concept:

https://goo.gl/L5ASRo

Remediation/Fixes

None.

Workarounds and Mitigations

See: [06]

References:

[01] http://www.securityfocus.com/archive/1/534830 [02] http://us.kworld-global.com/main/prod_in.aspx?mnuid=1306&modid=10&prodid=527 [03] http://osvdb.org/show/osvdb/119402 [04] http://osvdb.org/show/osvdb/119422 [05] http://osvdb.org/show/osvdb/119403 [06] https://www.academia.edu/11677554/Kguard_Digital_Video_Recorders_Multiple_Vulnerabilities