CVE-2018-12671
Last modified
CVE-2018-12671 is a vulnerability of currently unknown severity. An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) web interface can disclose information about the camera including all password sets set within the camera. This information can then be used to gain access to the web interface.. EPSS estimates a 1.27% chance of exploitation in the next 30 days.
Description
An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) web interface can disclose information about the camera including all password sets set within the camera. This information can then be used to gain access to the web interface.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Sv3c | H.264 Poe Ip Camera Firmware | v2.3.4.2103-s50-ntd-b20170508b |
| Sv3c | H.264 Poe Ip Camera Firmware | v2.3.4.2103-s50-ntd-b20170823b |
References
- https://www.bishopfox.com/news/2018/10/sv3c-l-series-hd-camera-multiple-vulnerabilities/Exploit, Third Party Advisory
- https://www.bishopfox.com/news/2018/10/sv3c-l-series-hd-camera-multiple-vulnerabilities/Exploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-12671?
How severe is CVE-2018-12671?
How do I fix CVE-2018-12671?
Are you affected by CVE-2018-12671?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST