Vulnerability Details CVE-2016-6537
AVer Information EH6108H+ devices with firmware X9.03.24.00.07l store passwords in a cleartext base64 format and require cleartext credentials in HTTP Cookie headers, which allows context-dependent attacks to obtain sensitive information by reading these strings.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2016-6537
-
cpe:2.3:h:aver:eh6108h+:-
-
cpe:2.3:o:aver:eh6108h+_firmware:x9.03.24.00.07l