ГлавнаяУязвимости → CVE-2019-25240
9.8критическая

CVE-2019-25240

Описание

Rifatron 5brid DVR contains an unauthenticated vulnerability in the animate.cgi script that allows unauthorized access to live video streams. Attackers can exploit the Mobile Web Viewer module by specifying channel numbers to retrieve sequential video snapshots without authentication.

CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
http://www.rifatron.comhttps://www.exploit-db.com/exploits/47368https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5532.phphttps://www.exploit-db.com/exploits/47368https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5532.php