|
|
|||
| Rule General Information |
|---|
| Release Date: | 2017-05-12 | |
| Rule Name: | Wireless IP Camera WIFICAM Devices Authentication Bypass Vulnerability -1 (CVE-2017-8225) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | On Wireless IP Camera (P2P) WIFICAM devices, access to .ini files (containing credentials) is not correctly checked. An attacker can bypass authentication by providing an empty loginuse parameter and an empty loginpas parameter in the URI. | |
| Impact: | An attacker can bypass authentication by providing an empty login parameter and an empty loginpas parameter in the URI. | |
| Affected OS: | Others | |
| Reference: | http://seclists.org/fulldisclosure/2017/Mar/23 https://pierrekim.github.io/blog/2017-03-08-camera-goahead-0day.html#pre-auth-info-leak-goahead |
|
| Solutions |
|---|
| The vendor has updated advisory on its official website. Please check it for more information. |