Vulnerability CVE-2024-47789


Published: 2024-10-04

Description:
** UNSUPPORTED WHEN ASSIGNED ** This vulnerability exists in D3D Security IP Camera due to usage of weak authentication scheme of the HTTP header protocol where authorization tag contain a Base-64 encoded username and password. A remote attacker could exploit this vulnerability by crafting a HTTP packet leading to exposure of user credentials of the targeted device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Type:

CWE-319

(Cleartext Transmission of Sensitive Information)

 References:
https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0314

Copyright 2024, cxsecurity.com

 

Back to Top