Information disclosure in Netwave IP camera at get_status.cgi (via HTTP on port 8000) allows an unauthenticated attacker to exfiltrate sensitive information from the device.
References
Link | Resource |
---|---|
https://github.com/SadFud/Exploits/tree/master/Real%20World/SCADA%20-%20IOT%20Systems/CVE-2018-11654 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
13 Sep 2021, 11:12
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:netwavesystems:ip_camera:-:*:*:*:*:*:*:* |
cpe:2.3:h:seasofsolutions:ip_camera:-:*:*:*:*:*:*:* cpe:2.3:o:seasofsolutions:ip_camera_firmware:-:*:*:*:*:*:*:* |
Information
Published : 2018-08-24 21:29
Updated : 2024-02-04 20:03
NVD link : CVE-2018-11654
Mitre link : CVE-2018-11654
CVE.ORG link : CVE-2018-11654
JSON object : View
Products Affected
seasofsolutions
- ip_camera
- ip_camera_firmware
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor