37 lines
No EOL
1.1 KiB
Text
37 lines
No EOL
1.1 KiB
Text
BEWARD N100 H.264 VGA IP Camera M2.1.6 Unauthenticated RTSP Stream Disclosure
|
|
|
|
|
|
Vendor: Beward R&D Co., Ltd
|
|
Product web page: https://www.beward.net
|
|
Affected version: M2.1.6.04C014
|
|
|
|
Summary: The N100 compact color IP camera with support for a more efficient
|
|
compression format is optimized for low-speed networks, thanks to which it
|
|
transmits a real-time image over the network with minimal delays. The camera
|
|
supports the switching of the broadcast modes, and in the event of a break in
|
|
communication with the remote file storage, it can continue recording to the
|
|
microSDHC memory card. N100 is easy to install and configure, has all the
|
|
necessary arsenal for the organization of low-cost professional video surveillance
|
|
systems.
|
|
|
|
Desc: BEWARD N100 camera suffers from an unauthenticated and unauthorized
|
|
live RTSP video stream access.
|
|
|
|
Tested on: Boa/0.94.14rc21
|
|
Farady ARM Linux 2.6
|
|
|
|
|
|
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
|
|
@zeroscience
|
|
|
|
|
|
Advisory ID: ZSL-2019-5509
|
|
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5509.php
|
|
|
|
|
|
26.01.2019
|
|
|
|
--
|
|
|
|
|
|
http://TARGET/cgi-bin/view/image |