cve/CVE-2017-8225.md at 9cc2023bd8dbe0ab8c5f051fa9a43f1e04594987

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

On Wireless IP Camera (P2P) WIFICAM devices, access to .ini files (containing credentials) is not correctly checked. An attacker can bypass authentication by providing an empty loginuse parameter and an empty loginpas parameter in the URI.

POC

Reference

http://seclists.org/fulldisclosure/2017/Mar/23
https://pierrekim.github.io/blog/2017-03-08-camera-goahead-0day.html#pre-auth-info-leak-goahead

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/K3ysTr0K3R/CVE-2017-8225-EXPLOIT
https://github.com/K3ysTr0K3R/K3ysTr0K3R
https://github.com/kienquoc102/CVE-2017-8225

954 B Raw Blame History

CVE-2017-8225

Description

POC

Reference

Github

954 B

Raw Blame History