The Frontel protocol before 3 on RSI Video Technologies Videofied devices sets up AES encryption but sends all traffic in cleartext, which allows remote attackers to obtain sensitive (1) message or (2) MJPEG video data by sniffing the network.
References
Link | Resource |
---|---|
http://cybergibbons.com/alarms-2/multiple-serious-vulnerabilities-in-rsi-videofieds-alarm-protocol/ | Exploit |
https://www.kb.cert.org/vuls/id/792004 | Third Party Advisory US Government Resource |
Configurations
History
No history.
Information
Published : 2015-12-27 03:59
Updated : 2024-02-28 15:21
NVD link : CVE-2015-8253
Mitre link : CVE-2015-8253
CVE.ORG link : CVE-2015-8253
JSON object : View
Products Affected
rsi_video_technologies
- frontel_protocol
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor