CVE-2024-8956 - PTZOptics PT30X-SDI/NDI Unauthenticated Authentication Bypass

1 month ago 16

ARTICLE AD BOX

CVE ID : CVE-2024-8956
Published : Sept. 17, 2024, 8:15 p.m. | 24 minutes ago
Description : PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication issue. The camera does not properly enforce authentication to /cgi-bin/param.cgi when requests are sent without an HTTP Authorization header. The result is a remote and unauthenticated attacker can leak sensitive data such as usernames, password hashes, and configurations details. Additionally, the attacker can update individual configuration values or overwrite the whole file.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Read Entire Article

CVE-2024-8956 - PTZOptics PT30X-SDI/NDI Unauthenticated Authentication Bypass

ARTICLE AD BOX

Related

CVE-2024-10131 - InfiniFlow RCE via User-Controlled Class In...

CVE-2024-9219 - WordPress Social Share Buttons Cross-Site Sc...

CVE-2019-25218 - WordPress Photo Gallery Slideshow & Masonry...

Trending

Popular

CVE-2024-6343 - Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W...

CVE-2024-5053 - Fluent Forms Mailchimp API Key Update Weakne...

CVE-2024-8367 - HM Courts & Tribunals Service Probate Back O...

CVE-2024-44946 - Linux KCM kcm_sendmsg() UAF

CVE-2024-8368 - "Code-projects Hospital Management System SQ...