eloygn/IT_Security_Research_WirelessIP_camera_family

eloygn/IT_Security_Research_WirelessIP_camera_family

Releases0

Stars6

New vulnerabilities have been found in the latest version of a family of Chinesse IP-Cameras

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2017-11632 ↗	Feb 26, 2018Monday, 26 February 2018, 22:29	—	10 HIGH
An issue was discovered on Wireless IP Camera 360 devices. A root account with a known SHA-512 password hash exists, which makes it easier for remote attackers to obtain administrative access via a TELNET session.
CVE-2017-11633 ↗	Feb 26, 2018Monday, 26 February 2018, 22:29	—	5 MEDIUM
An issue was discovered on Wireless IP Camera 360 devices. Remote attackers can discover RTSP credentials by connecting to TCP port 9527 and reading the InsertConnect field.
CVE-2017-11634 ↗	Feb 26, 2018Monday, 26 February 2018, 22:29	—	10 HIGH
An issue was discovered on Wireless IP Camera 360 devices. Remote attackers can discover a weakly encoded admin password by connecting to TCP port 9527 and reading the password field of the debugging information, e.g., nTBCS19C corresponds to a password of 123456.
CVE-2017-11635 ↗	Feb 26, 2018Monday, 26 February 2018, 22:29	—	5 MEDIUM
An issue was discovered on Wireless IP Camera 360 devices. Attackers can read recordings by navigating to /mnt/idea0 or /mnt/idea1 on the SD memory card.