Vulnerability Details CVE-2018-10770
download.rsp on ShenZhen Anni "5 in 1 XVR" devices allows remote attackers to download the configuration (without a login) to discover the password.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.3%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 5.0
References
Products affected by CVE-2018-10770
-
cpe:2.3:h:annigroup:5_in_1_xvr:-
-
cpe:2.3:o:annigroup:5_in_1_xvr_firmware:-