CVE-2021-30167
Last modified
CVE-2021-30167 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. The manage users profile services of the network camera device allows an authenticated. Remote attackers can modify URL parameters and further amend user’s information and escalate privileges to control the devices.. EPSS estimates a 2.44% chance of exploitation in the next 30 days.
Description
The manage users profile services of the network camera device allows an authenticated. Remote attackers can modify URL parameters and further amend user’s information and escalate privileges to control the devices.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Meritlilin | P2r8852e2 Firmware | < 7.1.94.8908 |
| Meritlilin | P2r8852e4 Firmware | < 7.1.94.8908 |
| Meritlilin | P2r6852e2 Firmware | < 7.1.94.8908 |
| Meritlilin | P2r6852e4 Firmware | < 7.1.94.8908 |
| Meritlilin | P2r6552e2 Firmware | < 7.1.94.8908 |
| Meritlilin | P2r6552e4 Firmware | < 7.1.94.8908 |
| Meritlilin | P2r6352ae2 Firmware | < 7.1.94.8908 |
| Meritlilin | P2r6352ae4 Firmware | < 7.1.94.8908 |
| Meritlilin | P2r3052ae2 Firmware | < 7.1.94.8908 |
| Meritlilin | P2g1052 Firmware | < 7.1.94.8908 |
| Meritlilin | P2r8822e2 Firmware | < 7.1.94.8908 |
| Meritlilin | P2r8822e4 Firmware | < 7.1.94.8908 |
| Meritlilin | P2r6822e2 Firmware | < 7.1.94.8908 |
| Meritlilin | P2r6822e4 Firmware | < 7.1.94.8908 |
| Meritlilin | P2r6522e2 Firmware | < 7.1.94.8908 |
| Meritlilin | P2r6522e4 Firmware | < 7.1.94.8908 |
| Meritlilin | P2r6322ae2 Firmware | < 7.1.94.8908 |
| Meritlilin | P2r6322ae4 Firmware | < 7.1.94.8908 |
| Meritlilin | P2r3022ae2 Firmware | < 7.1.94.8908 |
| Meritlilin | P2g1022 Firmware | < 7.1.94.8908 |
| Meritlilin | P2g1022x Firmware | < 7.1.94.8908 |
| Meritlilin | Z2r8852ax Firmware | < 7.1.94.8908 |
| Meritlilin | Z2r8152x-P Firmware | < 7.1.94.8908 |
| Meritlilin | Z2r8152x2-P Firmware | < 7.1.94.8908 |
| Meritlilin | Z2r8052ex25 Firmware | < 7.1.94.8908 |
| Meritlilin | Z2r6552x Firmware | < 7.1.94.8908 |
| Meritlilin | Z2r6452ax Firmware | < 7.1.94.8908 |
| Meritlilin | Z2r6452ax-P Firmware | < 7.1.94.8908 |
| Meritlilin | Z2r8822ax Firmware | < 7.1.94.8908 |
| Meritlilin | Z2r8122x-P Firmware | < 7.1.94.8908 |
| Meritlilin | Z2r8122x2-P Firmware | < 7.1.94.8908 |
| Meritlilin | Z2r8022ex25 Firmware | < 7.1.94.8908 |
| Meritlilin | Z2r6522x Firmware | < 7.1.94.8908 |
| Meritlilin | Z2r6422ax Firmware | < 7.1.94.8908 |
| Meritlilin | Z2r6422ax-P Firmware | < 7.1.94.8908 |
| Meritlilin | P3r6322e2 Firmware | < 7.1.94.8908 |
| Meritlilin | P3r6522e2 Firmware | < 7.1.94.8908 |
| Meritlilin | P3r8822e2 Firmware | < 7.1.94.8908 |
| Meritlilin | Z3r6422x3 Firmware | < 7.1.94.8908 |
| Meritlilin | Z3r6522x Firmware | < 7.1.94.8908 |
| Meritlilin | Z3r8922x3 Firmware | < 7.1.94.8908 |
References
- https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3eThird Party Advisory
- https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388Third Party Advisory
- https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.htmlNot Applicable
- https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3eThird Party Advisory
- https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388Third Party Advisory
- https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.htmlNot Applicable
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2021-30167?
How severe is CVE-2021-30167?
How do I fix CVE-2021-30167?
Are you affected by CVE-2021-30167?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST