← Zuruck zu CVEs
CVE-2017-3185
N/ABeschreibung
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have a web application that uses the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through the browser's history, referrers, web logs, and other sources.
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht12/16/2017
Zuletzt geandert4/20/2025
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
acti:camera_firmware
Schwachen (CWE)
CWE-598CWE-200
Referenzen
http://www.securityfocus.com/bid/96720/info(cret@cert.org)
https://twitter.com/Hfuhs/status/839252357221330944(cret@cert.org)
https://twitter.com/hack3rsca/status/839599437907386368(cret@cert.org)
https://www.kb.cert.org/vuls/id/355151(cret@cert.org)
http://www.securityfocus.com/bid/96720/info(af854a3a-2127-422b-91ae-364da2661108)
https://twitter.com/Hfuhs/status/839252357221330944(af854a3a-2127-422b-91ae-364da2661108)
https://twitter.com/hack3rsca/status/839599437907386368(af854a3a-2127-422b-91ae-364da2661108)
https://www.kb.cert.org/vuls/id/355151(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.