Replace the IP 192.168.10.201 with the IPCamera’s current IP. Product App Version: Confirmed in version F2.0.04 to F2.0.25 Steps to reproduce: Summary: An unauthenticated remote attacker can discover the IPCamera’s currently running firmware version by opening a link to the web interface. Vulnerability: Unauthenticated firmware version disclosure Recommendation:Įncrypt the communications between IPCamera and outbound calls to MicroSeven Systems using SSL/TLS. ![]() This admin access can give an attacker the ability to update the firmware with a malicious firmware package, giving an attacker persistent access in a network. The attacker can achieve a network traffic capture using trivial man-in-the-middle attack techniques, such as ARP Poisoning. Impact: An attacker on the same network as the IPCamera can gain admin access to the device.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |