RSS   Podatności dla 'Web server'   RSS

2020-01-18
 
CVE-2020-7222

CWE-287
 

 
An issue was discovered in Amcrest Web Server 2.520.AC00.18.R 2017-06-29 WEB 3.2.1.453504. The login page responds with JavaScript when one tries to authenticate. An attacker who changes the result parameter (to true) in this JavaScript code can bypass authentication and achieve limited privileges (ability to see every option but not modify them).

 

 >>> Vendor: Amcrest 4 Produkty
Amcrest ipc-hx1x3x-lexus eng n amcrest
Ipm-721s firmware
Ip2m-841b firmware
Web server


Copyright 2021, cxsecurity.com

 

Back to Top