| |
Podatność CVE-2024-47789
Publikacja: 2024-10-04
| Opis: |
** UNSUPPORTED WHEN ASSIGNED ** This vulnerability exists in D3D Security IP Camera due to usage of weak authentication scheme of the HTTP header protocol where authorization tag contain a Base-64 encoded username and password. A remote attacker could exploit this vulnerability by crafting a HTTP packet leading to exposure of user credentials of the targeted device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. |
Typ:
CWE-319 (Cleartext Transmission of Sensitive Information)
Referencje: |
https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0314
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
Polish
English