V2.3.4.2103S50Ntdb20170823B

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

sv3c

NVD

Published: 2018-10-19

Updated: 2019-10-03

Summary

SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow remote authenticated users to reset arbitrary accounts via a request to web/cgi-bin/hi3510/param.cgi.

Vulnerable Configurations

Part	Description	Count
OS	Sv3C Sv3C H.264 POE IP Camera Firmware V2.3.4.2103-S50-Ntd-B20170508B Sv3C H.264 POE IP Camera Firmware V2.3.4.2103-S50-Ntd-B20170823B	2
Hardware	Sv3C Sv3C SV B01Poe 1080P L - Sv3C SV B11Vpoe 1080P L - Sv3C SV D02Poe 1080P L -	3

References

https://www.bishopfox.com/news/2018/10/sv3c-l-series-hd-camera-multiple-vulnerabilities/