An access control issue in Wvp GB28181 Pro 2.0 allows users to continue to access information in the application after deleting their own or administrator accounts. This is provided that the users do not log out of their deleted accounts.
                
            References
                    | Link | Resource | 
|---|---|
| https://github.com/648540858/wvp-GB28181-pro/issues/1456 | Exploit Issue Tracking | 
| https://github.com/648540858/wvp-GB28181-pro/issues/1456 | Exploit Issue Tracking | 
Configurations
                    History
                    13 Jun 2025, 14:46
| Type | Values Removed | Values Added | 
|---|---|---|
| CPE | cpe:2.3:a:wvp-pro:gb28181:2.0:*:*:*:pro:*:*:* | |
| First Time | Wvp-pro gb28181 Wvp-pro | |
| References | () https://github.com/648540858/wvp-GB28181-pro/issues/1456 - Exploit, Issue Tracking | 
21 Nov 2024, 09:22
| Type | Values Removed | Values Added | 
|---|---|---|
| References | () https://github.com/648540858/wvp-GB28181-pro/issues/1456 - | 
06 Sep 2024, 17:35
| Type | Values Removed | Values Added | 
|---|---|---|
| CWE | CWE-613 | |
| CVSS | v2 : v3 : | v2 : unknown v3 : 6.5 | 
13 Jun 2024, 18:36
| Type | Values Removed | Values Added | 
|---|---|---|
| Summary | 
 | 
12 Jun 2024, 21:15
| Type | Values Removed | Values Added | 
|---|---|---|
| New CVE | 
Information
                Published : 2024-06-12 21:15
Updated : 2025-06-13 14:46
NVD link : CVE-2024-36523
Mitre link : CVE-2024-36523
CVE.ORG link : CVE-2024-36523
JSON object : View
Products Affected
                wvp-pro
- gb28181
CWE
                
                    
                        
                        CWE-613
                        
            Insufficient Session Expiration
