RSS   Vulnerabilities for 'Web server'   RSS

2020-01-18
 
CVE-2020-7222

CWE-287
 

 
An issue was discovered in Amcrest Web Server 2.520.AC00.18.R 2017-06-29 WEB 3.2.1.453504. The login page responds with JavaScript when one tries to authenticate. An attacker who changes the result parameter (to true) in this JavaScript code can bypass authentication and achieve limited privileges (ability to see every option but not modify them).

 

 >>> Vendor: Amcrest 4 Products
Web server
Amcrest ipc-hx1x3x-lexus eng n amcrest
Ipm-721s firmware
Ip2m-841b firmware


Copyright 2024, cxsecurity.com

 

Back to Top