CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-28861

The server in Citilog 8.0 allows an attacker (in a man in the middle position between the server and its smart camera Axis M1125) to see FTP credentials in a cleartext HTTP traffic. These can be used for FTP access to the server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 16.6%

CVSS Severity

CVSS v3 Score 5.9

References

https://github.com/ErwanBroquaire/citilog-8.0-vulnerability
https://www.citilog.com
https://www.citilog.com/wp-content/uploads/2023/07/CitilogSAS_information_note_2021-10-18-English.pdf
https://github.com/ErwanBroquaire/citilog-8.0-vulnerability
https://www.citilog.com
https://www.citilog.com/wp-content/uploads/2023/07/CitilogSAS_information_note_2021-10-18-English.pdf

Products affected by CVE-2022-28861

Citilog » Citilog » Version: 8.0

cpe:2.3:a:citilog:citilog:8.0
Axis » M1125 » Version: N/A

cpe:2.3:h:axis:m1125:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-28861

Products

Pricing

Contact Us