Vulnerability Details CVE-2014-1900
Y-Cam camera models SD range YCB003, YCK003, and YCW003; S range YCB004, YCK004, YCW004; EyeBall YCEB03; Bullet VGA YCBL03 and YCBLB3; Bullet HD 720 YCBLHD5; Y-cam Classic Range YCB002, YCK002, and YCW003; and Y-cam Original Range YCB001, YCW001, running firmware 4.30 and earlier, allow remote attackers to bypass authentication and obtain sensitive information via a leading "/./" in a request to en/account/accedit.asp.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.7%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2014-1900
-
cpe:2.3:h:y-cam:ycb001:-
-
cpe:2.3:h:y-cam:ycb002:-
-
cpe:2.3:h:y-cam:ycb003:-
-
cpe:2.3:h:y-cam:ycb004:-
-
cpe:2.3:h:y-cam:ycbl03:-
-
cpe:2.3:h:y-cam:ycblb3:-
-
cpe:2.3:h:y-cam:ycblhd5:-
-
cpe:2.3:h:y-cam:yceb03:-
-
cpe:2.3:h:y-cam:yck002:-
-
cpe:2.3:h:y-cam:yck003:-
-
cpe:2.3:h:y-cam:yck004:-
-
cpe:2.3:h:y-cam:ycw001:-
-
cpe:2.3:h:y-cam:ycw002:-
-
cpe:2.3:h:y-cam:ycw003:-
-
cpe:2.3:h:y-cam:ycw004:-
-
cpe:2.3:o:y-cam:ycb001_firmware:4.30
-
cpe:2.3:o:y-cam:ycb002_firmware:4.30
-
cpe:2.3:o:y-cam:ycb003_firmware:4.30
-
cpe:2.3:o:y-cam:ycb004_firmware:4.30
-
cpe:2.3:o:y-cam:ycbl03_firmware:4.30
-
cpe:2.3:o:y-cam:ycblb3_firmware:4.30
-
cpe:2.3:o:y-cam:ycblhd5_firmware:4.30
-
cpe:2.3:o:y-cam:yceb03_firmware:4.30
-
cpe:2.3:o:y-cam:yck002_firmware:4.30
-
cpe:2.3:o:y-cam:yck003_firmware:4.30
-
cpe:2.3:o:y-cam:yck004_firmware:4.30
-
cpe:2.3:o:y-cam:ycw001_firmware:4.30
-
cpe:2.3:o:y-cam:ycw002_firmware:4.30
-
cpe:2.3:o:y-cam:ycw003_firmware:4.30
-
cpe:2.3:o:y-cam:ycw004_firmware:4.30