CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-12666

SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B devices improperly identifies users only by the authentication level sent in the cookies, which allow remote attackers to bypass authentication and gain administrator access by setting the authLevel cookie to 255.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 77.0%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2018-12666

Sv3c » Sv-B01poe-1080p-L » Version: N/A

cpe:2.3:h:sv3c:sv-b01poe-1080p-l:-
Sv3c » Sv-B11vpoe-1080p-L » Version: N/A

cpe:2.3:h:sv3c:sv-b11vpoe-1080p-l:-
Sv3c » Sv-D02poe-1080p-L » Version: N/A

cpe:2.3:h:sv3c:sv-d02poe-1080p-l:-
Sv3c » H.264 Poe Ip Camera Firmware » Version: v2.3.4.2103-s50-ntd-b20170508b

cpe:2.3:o:sv3c:h.264_poe_ip_camera_firmware:v2.3.4.2103-s50-ntd-b20170508b
Sv3c » H.264 Poe Ip Camera Firmware » Version: v2.3.4.2103-s50-ntd-b20170823b

cpe:2.3:o:sv3c:h.264_poe_ip_camera_firmware:v2.3.4.2103-s50-ntd-b20170823b

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-12666

Products

Pricing

Contact Us