Vulnerability Details CVE-2018-10734
KONGTOP DVR devices A303, A403, D303, D305, and D403 contain a backdoor that prints the login password via a Print_Password function call in certain circumstances.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.3%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 5.0
References
- https://github.com/hucmosin/MyBook/blob/master/KONGTOP_DVR_devices_vulnerability_report-CVE-2018-10734.pdf
- https://github.com/hucmosin/MyBook/blob/master/fu/DVR.pdf
- https://github.com/hucmosin/Python_Small_Tool/blob/master/other/DVR_POC.py
- https://github.com/hucmosin/MyBook/blob/master/KONGTOP_DVR_devices_vulnerability_report-CVE-2018-10734.pdf
- https://github.com/hucmosin/MyBook/blob/master/fu/DVR.pdf
- https://github.com/hucmosin/Python_Small_Tool/blob/master/other/DVR_POC.py
Products affected by CVE-2018-10734
-
cpe:2.3:h:kongtop:a303:-
-
cpe:2.3:h:kongtop:a403:-
-
cpe:2.3:h:kongtop:d303:-
-
cpe:2.3:h:kongtop:d305:-
-
cpe:2.3:h:kongtop:d403:-
-
cpe:2.3:o:kongtop:a303_firmware:-
-
cpe:2.3:o:kongtop:a403_firmware:-
-
cpe:2.3:o:kongtop:d303_firmware:-
-
cpe:2.3:o:kongtop:d305_firmware:-
-
cpe:2.3:o:kongtop:d403_firmware:-