Momentum Axel 720P 5.1.8 devices have a hardcoded password of streaming for the appagent account, which allows remote attackers to view the RTSP video stream.
References
Link | Resource |
---|---|
https://rchase.com/downloads/momentum-iot-penetration-test-report.pdf | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2018-04-24 06:29
Updated : 2024-02-28 16:25
NVD link : CVE-2018-10328
Mitre link : CVE-2018-10328
CVE.ORG link : CVE-2018-10328
JSON object : View
Products Affected
momentum
- momentum_axel_720p
- momentum_axel_720p_firmware
CWE
CWE-798
Use of Hard-coded Credentials