CVE-2017-15236 - OpenCVE

Tiandy IP cameras 5.56.17.120 do not properly restrict a certain proprietary protocol, which allows remote attackers to read settings via a crafted request to TCP port 3001, as demonstrated by config* files and extendword.txt.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Tiandy	Tiandy Ip Camera Firmware Tiandy Ip Camera

Configuration 1 [-]

AND

cpe:2.3:o:tiandy:tiandy_ip_camera_firmware:5.56.17.120:*:*:*:*:*:*:*

cpe:2.3:h:tiandy:tiandy_ip_camera:-:*:*:*:*:*:*:*

References

Link	Resource
https://blogs.securiteam.com/index.php/archives/3444	Exploit Issue Tracking Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:23:34

Updated: 2022-10-03T16:23:34

Reserved: 2022-10-03T00:00:00

Link: CVE-2017-15236

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-10-11T03:29:00.290

Modified: 2017-11-05T20:59:18.597

Link: CVE-2017-15236

JSON object: View

Redhat Information

No data.

CWE

CWE-200

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:tiandy:tiandy_ip_camera_firmware:5.56.17.120:*:*:*:*:*:*:*", "matchCriteriaId": "46132A12-C0D9-4BBD-9D44-8D0CEEFBA0DA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:tiandy:tiandy_ip_camera:-:*:*:*:*:*:*:*", "matchCriteriaId": "998F731C-B47D-4231-AB58-08203169ECFB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Tiandy IP cameras 5.56.17.120 do not properly restrict a certain proprietary protocol, which allows remote attackers to read settings via a crafted request to TCP port 3001, as demonstrated by config* files and extendword.txt."}, {"lang": "es", "value": "C\u00e1maras Tiandy IP 5.56.17.120 no restringen correctamente cierto protocolo propietario, lo que permite que atacantes remotos lean configuraciones mediante una petici\u00f3n manipulada al puerto TCP 3001, demostrado por los archivos config* y extendword.txt."}], "id": "CVE-2017-15236", "lastModified": "2017-11-05T20:59:18.597", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-10-11T03:29:00.290", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://blogs.securiteam.com/index.php/archives/3444"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}