|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-04-09 | |
| Rule Name: | Dahua Smart Park Management Arbitrary Password Read Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Dahua Smart Park Management is an integrated management platform, with the park operation, resource allocation and intelligent services and other functions. Dahua Smart Park Management exists an arbitrary password read vulnerability, because the platform does not limit the interface permissions, attackers can get any user password from user_getUserInfoByUserName.action interface. | |
| Impact: | An attacker could exploit this vulnerability to have unspecified effect. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |