SONY SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520, SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551, SNC-EP550, SNC-EP580, SNC-ER550, SNC-ER550C, SNC-ER580, SNC-ER585, SNC-ER585H, SNC-ZP550, SNC-ZR550, SNC-EP520, SNC-EP521, SNC-ER520, SNC-ER521, SNC-ER521C network cameras with firmware before Ver.1.86.00 and SONY SNC-CX600, SNC-CX600W, SNC-EB600, SNC-EB600B, SNC-EB602R, SNC-EB630, SNC-EB630B, SNC-EB632R, SNC-EM600, SNC-EM601, SNC-EM602R, SNC-EM602RC, SNC-EM630, SNC-EM631, SNC-EM632R, SNC-EM632RC, SNC-VB600, SNC-VB600B, SNC-VB600B5, SNC-VB630, SNC-VB6305, SNC-VB6307, SNC-VB632D, SNC-VB635, SNC-VM600, SNC-VM600B, SNC-VM600B5, SNC-VM601, SNC-VM601B, SNC-VM602R, SNC-VM630, SNC-VM6305, SNC-VM6307, SNC-VM631, SNC-VM632R, SNC-WR600, SNC-WR602, SNC-WR602C, SNC-WR630, SNC-WR632, SNC-WR632C, SNC-XM631, SNC-XM632, SNC-XM636, SNC-XM637, SNC-VB600L, SNC-VM600L, SNC-XM631L, SNC-WR602CL network cameras with firmware before Ver.2.7.2 are prone to sensitive information disclosure. This may allow an attacker on the same local network segment to login to the device with administrative privileges and perform operations on the device.
References
| Link | Resource |
|---|---|
| https://jvn.jp/en/vu/JVNVU96435227/index.html | Third Party Advisory VDB Entry |
| https://www.sony.co.uk/pro/article/sony-new-firmware-for-network-cameras | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
History
No history.
Information
Published : 2017-04-13 17:59
Updated : 2024-02-28 15:44
NVD link : CVE-2016-7834
Mitre link : CVE-2016-7834
CVE.ORG link : CVE-2016-7834
JSON object : View
Products Affected
sony
- snc-em630
- snc-dh220t
- snc-eb632r
- snc-ep521
- snc-vm600l
- snc-vm602r
- snc-ch160
- snc-dh120
- snc-zr550
- snc-vb600
- snc-wr632
- snc-zp550
- snc-eb630
- snc-cx600w
- snc-eb520
- snc-xm637
- snc-em602r
- snc-zm550
- snc-em631
- snc-vm631
- snc-vm630
- snc-xm631
- snc-er585h
- snc-ep520
- snc-wr602c
- snc-em601
- snc-vm632r
- snc-er550c
- snc-vm600
- snc-vm6307
- snc-wr632c
- snc-em521
- snc-er550
- snc-vb600b
- snc-vb6307
- snc-er521c
- snc-vm601b
- snc-em600
- snc-ch220
- snc-vb600b5
- snc-ep580
- snc-dh120t
- snc-wr600
- snc-wr602cl
- snc-em602rc
- snc-xm636
- snc-vm600b5
- snc-eb600b
- snc-eb600
- snc-vb600l
- snc-dh160
- snc-ch260
- snc-ch120
- snc-dh220
- snc-em632r
- snc-dh260
- snc-vb630
- snc-em632rc
- snc-wr630
- snc-er520
- snc-xm632
- snc-eb630b
- snc-vb632d
- snc_series_firmware
- snc-wr602
- snc-eb602r
- snc-er521
- snc-em520
- snc-vb635
- snc-vm6305
- snc-er580
- snc-ch115
- snc-er585
- snc-vm600b
- snc-zm551
- snc-ep550
- snc-cx600
- snc-vb6305
- snc-vm601
- snc-xm631l
- snc-zb550
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor