admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-01-05 02:00:56 +00:00
parent f0838d01a4
commit 7dc2214f5f
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
1 changed files with 138 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

142
2024/13xxx/CVE-2024-13130.json
View File

@ -1,17 +1,151 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-13130",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S up to 20241222. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ../mtd/Config/Sha1Account1 of the component Web Interface. The manipulation leads to path traversal: '../filedir'. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "Eine problematische Schwachstelle wurde in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S bis 20241222 ausgemacht. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei ../mtd/Config/Sha1Account1 der Komponente Web Interface. Mit der Manipulation mit unbekannten Daten kann eine path traversal: '../filedir'-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Traversal: '../filedir'",
"cweId": "CWE-24"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Relative Path Traversal",
"cweId": "CWE-23"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Dahua",
"product": {
"product_data": [
{
"product_name": "IPC-HFW1200S",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20241222"
}
]
}
},
{
"product_name": "IPC-HFW2300R-Z",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20241222"
}
]
}
},
{
"product_name": "IPC-HFW5220E-Z",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20241222"
}
]
}
},
{
"product_name": "IPC-HDW1200S",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20241222"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.290204",
"refsource": "MISC",
"name": "https://vuldb.com/?id.290204"
},
{
"url": "https://vuldb.com/?ctiid.290204",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.290204"
},
{
"url": "https://vuldb.com/?submit.464260",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.464260"
},
{
"url": "https://netsecfish.notion.site/Path-Traversal-Vulnerability-in-IntelBras-IP-Cameras-mtd-Config-Sha1Account1-and-mtd-Confi-15e6b683e67c80809442ee3425f753b7?pvs=4",
"refsource": "MISC",
"name": "https://netsecfish.notion.site/Path-Traversal-Vulnerability-in-IntelBras-IP-Cameras-mtd-Config-Sha1Account1-and-mtd-Confi-15e6b683e67c80809442ee3425f753b7?pvs=4"
}
]
},
"credits": [
{
"lang": "en",
"value": "netsecfish (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 4.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 4.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N"
}
]
}