Vulnerabilities > Acti > Camera Firmware > a1d.500.v6.11.31.ac

DATE CVE VULNERABILITY TITLE RISK
2017-12-16 CVE-2017-3186 Use of Hard-coded Credentials vulnerability in Acti Camera Firmware A1D500V6.11.31Ac
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC use non-random default credentials across all devices.
network
low complexity
acti CWE-798
critical
 10.0
10
2017-12-16 CVE-2017-3185 Information Exposure vulnerability in Acti Camera Firmware A1D500V6.11.31Ac
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have a web application that uses the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through the browser's history, referrers, web logs, and other sources.
network
low complexity
acti CWE-200
5.0
5.0
2017-12-16 CVE-2017-3184 Use of Hard-coded Credentials vulnerability in Acti Camera Firmware A1D500V6.11.31Ac
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC fail to properly restrict access to the factory reset page.
network
low complexity
acti CWE-798
critical
 10.0
10