Published: 19/02/2018 Updated: 03/10/2019

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

An issue exists in Apexis APM-H803-MPC software, as used with many different models of IP Camera. An unprotected CGI method inside the web application permits an unauthenticated user to bypass the login screen and access the webcam contents including: live video stream, configuration files with all the passwords, system information, and much more. With this vulnerability, anyone can access to a vulnerable webcam with 'super admin' privilege.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apexis apm-h803-mpc_firmware 1.1.2.69

IoT Security Checker is a framework for automating some IoT-related security checks

IoT-SecurityChecker This software was developed as part of my Master degree thesis project @ University of Milan in order to automate the discovery and exploitation process of IoT devices This project aims to be a starting point for further research, a framework to be enriched with new modules, exploits and techniques Actually IoT-SecurityChecker is able to identify any dev

NVD-CWE-noinfo https://youtu.be/B75C13Zw35Y https://nvd.nist.gov https://github.com/c0mix/IoT-SecurityChecker

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-17101

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect