Vulnerabilities > CVE-2020-24216
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. When the administrator configures a secret URL for RTSP streaming, the stream is still available via its default name such as /0. Unauthenticated attackers can view video streams that are meant to be private.