Vulnerability Details CVE-2022-24610
Settings/network settings/wireless settings on the Alecto DVC-215IP camera version 63.1.1.173 and below shows the Wi-Fi passphrase hidden, but by editing/removing the style of the password field the password becomes visible which grants access to an internal network connected to the camera.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.7%
CVSS Severity
CVSS v3 Score 8.6
CVSS v2 Score 5.0
References
Products affected by CVE-2022-24610
-
cpe:2.3:h:alecto:dvc-215ip:-
-
cpe:2.3:o:alecto:dvc-215ip_firmware:63.1.1.148
-
cpe:2.3:o:alecto:dvc-215ip_firmware:63.1.1.159
-
cpe:2.3:o:alecto:dvc-215ip_firmware:63.1.1.169
-
cpe:2.3:o:alecto:dvc-215ip_firmware:63.1.1.171