Vulnerability CVE-2019-12919
Published: 2019-06-20

Description:
On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices, an attacker on the local network has unauthenticated access to the internal SD card via the HTTP service on port 8000. The HTTP web server on the camera allows anyone to view or download the video archive recorded and saved on the external memory card attached to the device.

Type:

CWE-200

 (Information Exposure)

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
2.1/10
2.9/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Cylan -> Clever dog smart camera panorama dog-2w firmware 
Cylan -> Clever dog smart camera plus dog-2w-v4 firmware 

 References:
https://www.exploit-db.com/exploits/46993
Copyright 2024, cxsecurity.com

 

Back to Top