Today > vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-47790

Oct. 14, 2024, 11:15 a.m.

Tags

CWE-862
vdisclose@cert-in.org.in
2024-10-04
CVE-2024-47790

Product(s) Impacted

D3D Security IP Camera

  • UNSUPPORTED

Description

** UNSUPPORTED WHEN ASSIGNED ** This vulnerability exists in D3D Security IP Camera D8801 due to usage of insecure Real-Time Streaming Protocol (RTSP) version for live video streaming. A remote attacker could exploit this vulnerability by crafting a RTSP packet leading to unauthorized access to live feed of the targeted device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Weaknesses

CWE-862
Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

CWE ID: 862

Date

Published: Oct. 4, 2024, 1:15 p.m.

Last Modified: Oct. 14, 2024, 11:15 a.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

vdisclose@cert-in.org.in

References

https://www.cert-in.org.in/ vdisclose@cert-in.org.in