The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) does not perform origin checks on URLs that the camera's web interface redirects a user to. This can be leveraged to send a user to an unexpected endpoint.
References
Link | Resource |
---|---|
https://www.bishopfox.com/news/2018/10/sv3c-l-series-hd-camera-multiple-vulnerabilities/ | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-10-19T22:00:00
Updated: 2018-10-19T21:57:01
Reserved: 2018-06-22T00:00:00
Link: CVE-2018-12675
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-10-19T22:29:01.100
Modified: 2019-01-11T17:09:21.587
Link: CVE-2018-12675
JSON object: View
Redhat Information
No data.
CWE