Vulnerability CVE-2014-1902

Vulnerability CVE-2014-1902

Published: 2015-05-13 Modified: 2015-05-14

Description:

Multiple cross-site scripting (XSS) vulnerabilities in Y-Cam camera models SD range YCB003, YCK003, and YCW003; S range YCB004, YCK004, YCW004; EyeBall YCEB03; Bullet VGA YCBL03 and YCBLB3; Bullet HD 720 YCBLHD5; Y-cam Classic Range YCB002, YCK002, and YCW003; and Y-cam Original Range YCB001, YCW001, running firmware 4.30 and earlier, allow remote authenticated users to inject arbitrary web script or HTML via the (1) SYSCONTACT parameter to form/identityApply, as triggered using en/identity.asp; (2) PASSWD parameter to form/accAdd, as triggered using en/account/accedit.asp; (3) NTPSERVER parameter to form/clockApply, as triggered using en/clock.asp; (4) SERVER parameter to form/smtpclientApply, as triggered using en/smtpclient.asp; (5) SERVER parameter to form/ftpApply, as triggered using en/ftp.asp; or (6) SERVER parameter to form/httpEventApply, as triggered using en/httpevent.asp.

CVSS2 => (AV:N/AC:M/Au:S/C:N/I:P/A:N)

CVSS Base Score	Impact Subscore	Exploitability Subscore
3.5/10	2.9/10	6.8/10

Exploit range	Attack complexity	Authentication
Remote	Medium	Single time
Confidentiality impact	Integrity impact	Availability impact
None	Partial	None

Affected software
Y-cam -> Ycw002 firmware
Y-cam -> Ycbl03
Y-cam -> Ycw003 firmware
Y-cam -> Ycblb3
Y-cam -> Ycw004 firmware
Y-cam -> Ycw004
Y-cam -> Ycb001 firmware
Y-cam -> Ycb002 firmware
Y-cam -> Ycb003 firmware
Y-cam -> Ycb004 firmware
Y-cam -> Ycbl03 firmware
Y-cam -> Ycblb3 firmware
Y-cam -> Ycblhd5 firmware
Y-cam -> Yceb03 firmware
Y-cam -> Yck002 firmware
Y-cam -> Yck003 firmware
Y-cam -> Yck004 firmware
Y-cam -> Ycw001 firmware

References:

http://www.y-cam.com/y-cam-security-fix/

https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2014-007/?fid=3850

Copyright 2024, cxsecurity.com