Vulnerability Details CVE-2019-14709
A cleartext password storage issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. The file in question is /usr/local/ipsca/mipsca.db. If a camera is compromised, the attacker can gain access to passwords and abuse them to compromise further systems.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.3%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 5.0
References
Products affected by CVE-2019-14709
-
cpe:2.3:h:microdigital:mdc-n2190v:-
-
cpe:2.3:h:microdigital:mdc-n4090:-
-
cpe:2.3:h:microdigital:mdc-n4090w:-
-
cpe:2.3:o:microdigital:mdc-n2190v_firmware:-
-
cpe:2.3:o:microdigital:mdc-n2190v_firmware:6400.0.8.5
-
cpe:2.3:o:microdigital:mdc-n4090_firmware:-
-
cpe:2.3:o:microdigital:mdc-n4090_firmware:6400.0.8.5
-
cpe:2.3:o:microdigital:mdc-n4090w_firmware:-
-
cpe:2.3:o:microdigital:mdc-n4090w_firmware:6400.0.8.5