ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have a web application that uses the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through the browser's history, referrers, web logs, and other sources.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/96720/info | Third Party Advisory VDB Entry |
https://twitter.com/Hfuhs/status/839252357221330944 | Press/Media Coverage Third Party Advisory |
https://twitter.com/hack3rsca/status/839599437907386368 | Press/Media Coverage Third Party Advisory |
https://www.kb.cert.org/vuls/id/355151 | Third Party Advisory US Government Resource |
http://www.securityfocus.com/bid/96720/info | Third Party Advisory VDB Entry |
https://twitter.com/Hfuhs/status/839252357221330944 | Press/Media Coverage Third Party Advisory |
https://twitter.com/hack3rsca/status/839599437907386368 | Press/Media Coverage Third Party Advisory |
https://www.kb.cert.org/vuls/id/355151 | Third Party Advisory US Government Resource |
Configurations
History
21 Nov 2024, 03:24
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/96720/info - Third Party Advisory, VDB Entry | |
References | () https://twitter.com/Hfuhs/status/839252357221330944 - Press/Media Coverage, Third Party Advisory | |
References | () https://twitter.com/hack3rsca/status/839599437907386368 - Press/Media Coverage, Third Party Advisory | |
References | () https://www.kb.cert.org/vuls/id/355151 - Third Party Advisory, US Government Resource |
Information
Published : 2017-12-16 02:29
Updated : 2024-11-21 03:24
NVD link : CVE-2017-3185
Mitre link : CVE-2017-3185
CVE.ORG link : CVE-2017-3185
JSON object : View
Products Affected
acti
- camera_firmware