Vulnerabilities related to tbkvision - tbk-dvr4216
Vulnerability from fkie_nvd
Published
2018-04-10 22:29
Modified
2024-11-21 04:16
Severity ?
Summary
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:tbkvision:tbk-dvr4216_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76ACEA91-6D4B-48D1-AFC8-092C7B455684",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:tbkvision:tbk-dvr4216:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "294F89F8-BBC2-4C95-AD45-B1211B378BB7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:tbkvision:tbk-dvr4104_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC9FC3E3-0C18-471E-98A0-CEE0D236E71C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:tbkvision:tbk-dvr4104:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "13CB1628-F565-4979-A14B-365ADDF3DF46",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a \"Cookie: uid=admin\" header, as demonstrated by a device.rsp?opt=user\u0026cmd=list request that provides credentials within JSON data in a response."
    },
    {
      "lang": "es",
      "value": "Los dispositivos TBK DVR4104 y DVR4216, as\u00ed como Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login y MDVR Login, que ejecutan versiones renombradas de las series TBK DVR4104 y DVR4216 originales, permiten que atacantes remotos omitan la autenticaci\u00f3n mediante una cabecera \"Cookie: uid=admin\". Esto queda demostrado con una petici\u00f3n device.rsp?opt=usercmd=list que proporciona credenciales en datos JSON en una respuesta."
    }
  ],
  "id": "CVE-2018-9995",
  "lastModified": "2024-11-21T04:16:00.300",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-10T22:29:00.290",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://misteralfa-hack.blogspot.cl/2018/04/tbk-vision-dvr-login-bypass.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://misteralfa-hack.blogspot.cl/2018/04/update-dvr-login-bypass-cve-2018-9995.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.bleepingcomputer.com/news/security/new-hacking-tool-lets-users-access-a-bunch-of-dvrs-and-their-video-feeds/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/44577/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://misteralfa-hack.blogspot.cl/2018/04/tbk-vision-dvr-login-bypass.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://misteralfa-hack.blogspot.cl/2018/04/update-dvr-login-bypass-cve-2018-9995.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.bleepingcomputer.com/news/security/new-hacking-tool-lets-users-access-a-bunch-of-dvrs-and-their-video-feeds/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/44577/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-05-02 18:29
Modified
2024-11-21 03:41
Severity ?
Summary
CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision DVR devices allow remote attackers to download a file and obtain sensitive credential information via a direct request for the download.rsp URI.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:tbkvision:tbk-dvr4216_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76ACEA91-6D4B-48D1-AFC8-092C7B455684",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:tbkvision:tbk-dvr4216:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "294F89F8-BBC2-4C95-AD45-B1211B378BB7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:tbkvision:tbk-dvr4104_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC9FC3E3-0C18-471E-98A0-CEE0D236E71C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:tbkvision:tbk-dvr4104:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "13CB1628-F565-4979-A14B-365ADDF3DF46",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision DVR devices allow remote attackers to download a file and obtain sensitive credential information via a direct request for the download.rsp URI."
    },
    {
      "lang": "es",
      "value": "Los dispositivos CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision DVR permiten que atacantes remotos descarguen un archivo y obtengan informaci\u00f3n sensible de credenciales mediante una petici\u00f3n directa para el URI download.rsp."
    }
  ],
  "id": "CVE-2018-10676",
  "lastModified": "2024-11-21T03:41:49.900",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-05-02T18:29:00.657",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://misteralfa-hack.blogspot.cl/2018/05/0day-dvr-multivendor.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://misteralfa-hack.blogspot.cl/2018/05/0day-dvr-multivendor.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

var-201805-0326
Vulnerability from variot

CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision DVR devices allow remote attackers to download a file and obtain sensitive credential information via a direct request for the download.rsp URI. TBK Vision DVR devices contain vulnerabilities related to certificate and password management. As a result, information may be obtained or altered, and service operation may be disrupted (DoS). CeNova DVR and the other listed products are DVR (hard disk video recorder) devices from different manufacturers. There are security vulnerabilities in several DVR devices. Products from the following manufacturers are affected: CeNova DVR; Night OWL DVR; Novo DVR; Pulnix DVR; QSee DVR; Securus DVR; TBK Vision DVR.



{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201805-0326",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "tbk-dvr4104",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "tbkvision",
        "version": null
      },
      {
        "model": "tbk-dvr4216",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "tbkvision",
        "version": null
      },
      {
        "model": "tbk-dvr4104",
        "scope": null,
        "trust": 0.8,
        "vendor": "tbkvision",
        "version": null
      },
      {
        "model": "tbk-dvr4216",
        "scope": null,
        "trust": 0.8,
        "vendor": "tbkvision",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004800"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-109"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10676"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:tbkvision:tbk-dvr4104_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:tbkvision:tbk-dvr4216_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004800"
      }
    ]
  },
  "cve": "CVE-2018-10676",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-10676",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-120459",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-10676",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-10676",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-10676",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201805-109",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-120459",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2018-10676",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-120459"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-10676"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004800"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-109"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10676"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision DVR devices allow remote attackers to download a file and obtain sensitive credential information via a direct request for the download.rsp URI. TBK Vision DVR The device contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. CeNova DVR etc. are DVR (hard disk video recorder) devices from different manufacturers. There are security vulnerabilities in several DVR devices. Products from the following manufacturers are affected: CeNova DVR; Night OWL DVR; Novo DVR; Pulnix DVR; QSee DVR; Securus DVR; TBK Vision DVR",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-10676"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004800"
      },
      {
        "db": "VULHUB",
        "id": "VHN-120459"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-10676"
      }
    ],
    "trust": 1.8
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-10676",
        "trust": 2.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004800",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-109",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-120459",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-10676",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-120459"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-10676"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004800"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-109"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10676"
      }
    ]
  },
  "id": "VAR-201805-0326",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-120459"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T22:45:19.690000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "TBK-DVR4104 ",
        "trust": 0.8,
        "url": "http://tbkvision.com/producto/tbk-dvr4104/"
      },
      {
        "title": "TBK-DVR4216 ",
        "trust": 0.8,
        "url": "http://tbkvision.com/producto/tbk-dvr4216/"
      },
      {
        "title": "Multiple DVR Repair measures for device security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79843"
      },
      {
        "title": "CamSploit v1.0.1",
        "trust": 0.1,
        "url": "https://github.com/maxpowersi/CamSploit "
      },
      {
        "title": "CamSploit v1.0.1",
        "trust": 0.1,
        "url": "https://github.com/Satcomx00-x00/Camera-CamSploit "
      },
      {
        "title": "Awesome CVE PoC",
        "trust": 0.1,
        "url": "https://github.com/lnick2023/nicenice "
      },
      {
        "title": "Awesome CVE PoC",
        "trust": 0.1,
        "url": "https://github.com/qazbnm456/awesome-cve-poc "
      },
      {
        "title": "Awesome CVE PoC",
        "trust": 0.1,
        "url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2018-10676"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004800"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-109"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-255",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-120459"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004800"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10676"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "http://misteralfa-hack.blogspot.cl/2018/05/0day-dvr-multivendor.html"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10676"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-10676"
      },
      {
        "trust": 0.8,
        "url": "http://misteralfa-hack.blogspot.com/2018/05/0day-dvr-multivendor.html"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/maxpowersi/camsploit"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-120459"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-10676"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004800"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-109"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10676"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-120459"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-10676"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004800"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-109"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10676"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-05-02T00:00:00",
        "db": "VULHUB",
        "id": "VHN-120459"
      },
      {
        "date": "2018-05-02T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-10676"
      },
      {
        "date": "2018-06-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-004800"
      },
      {
        "date": "2018-05-02T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-109"
      },
      {
        "date": "2018-05-02T18:29:00.657000",
        "db": "NVD",
        "id": "CVE-2018-10676"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-120459"
      },
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-10676"
      },
      {
        "date": "2018-06-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-004800"
      },
      {
        "date": "2019-10-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-109"
      },
      {
        "date": "2024-11-21T03:41:49.900000",
        "db": "NVD",
        "id": "CVE-2018-10676"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-109"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "TBK Vision DVR Vulnerabilities related to certificate and password management in devices",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004800"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "trust management problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-109"
      }
    ],
    "trust": 0.6
  }
}

var-201804-1666
Vulnerability from variot

TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response. TBK DVR4104 and DVR4216 devices contain vulnerabilities related to certificate and password management. As a result, information may be obtained or altered, and service operation may be disrupted (DoS). Both the TBK DVR4104 and DVR4216 are high definition digital video recorder devices. There are security vulnerabilities in the TBK DVR4104 and DVR4216. A remote attacker can exploit this vulnerability to bypass authentication with the help of the "Cookie: uid=admin" header.



{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201804-1666",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "tbk-dvr4104",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "tbkvision",
        "version": null
      },
      {
        "model": "tbk-dvr4216",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "tbkvision",
        "version": null
      },
      {
        "model": "tbk-dvr4104",
        "scope": null,
        "trust": 0.8,
        "vendor": "tbkvision",
        "version": null
      },
      {
        "model": "tbk-dvr4216",
        "scope": null,
        "trust": 0.8,
        "vendor": "tbkvision",
        "version": null
      },
      {
        "model": "dvr4104 no",
        "scope": null,
        "trust": 0.6,
        "vendor": "tbk",
        "version": null
      },
      {
        "model": "dvr4216 no",
        "scope": null,
        "trust": 0.6,
        "vendor": "tbk",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-08885"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004376"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-454"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-9995"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:tbkvision:tbk-dvr4104_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:tbkvision:tbk-dvr4216_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004376"
      }
    ]
  },
  "cve": "CVE-2018-9995",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-9995",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2018-08885",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-140027",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-9995",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-9995",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-9995",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-08885",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201804-454",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-140027",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2018-9995",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-08885"
      },
      {
        "db": "VULHUB",
        "id": "VHN-140027"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-9995"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004376"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-454"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-9995"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a \"Cookie: uid=admin\" header, as demonstrated by a device.rsp?opt=user\u0026cmd=list request that provides credentials within JSON data in a response. TBK DVR4104 and DVR4216 The device contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both the TBKDVR4104 and DVR4216 are high definition digital video recorder devices. There are security vulnerabilities in the TBKDVR4104 and DVR4216. A remote attacker can exploit this vulnerability to bypass authentication with the help of the Cookie:uid=admin header",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-9995"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004376"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-08885"
      },
      {
        "db": "VULHUB",
        "id": "VHN-140027"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-9995"
      }
    ],
    "trust": 2.34
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-140027",
        "trust": 0.1,
        "type": "unknown"
      },
      {
        "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=44577",
        "trust": 0.1,
        "type": "exploit"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-140027"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-9995"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-9995",
        "trust": 3.2
      },
      {
        "db": "EXPLOIT-DB",
        "id": "44577",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004376",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-08885",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-454",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "147478",
        "trust": 0.1
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-97260",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-140027",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-9995",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-08885"
      },
      {
        "db": "VULHUB",
        "id": "VHN-140027"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-9995"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004376"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-454"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-9995"
      }
    ]
  },
  "id": "VAR-201804-1666",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-08885"
      },
      {
        "db": "VULHUB",
        "id": "VHN-140027"
      }
    ],
    "trust": 1.7
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-08885"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:34:17.511000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "TBK-DVR4104",
        "trust": 0.8,
        "url": "http://tbkvision.com/producto/tbk-dvr4104/"
      },
      {
        "title": "TBK-DVR4216",
        "trust": 0.8,
        "url": "http://tbkvision.com/producto/tbk-dvr4216/"
      },
      {
        "title": "TBKDVR4104 and DVR4216 login bugs that bypass the vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/128095"
      },
      {
        "title": "getDVR",
        "trust": 0.1,
        "url": "https://github.com/eFeDe3/getDVR "
      },
      {
        "title": "CVE-2018-9995_dvr_credentials",
        "trust": 0.1,
        "url": "https://github.com/IHA114/CVE-2018-9995_dvr_credentials "
      },
      {
        "title": "CVE-2018-9995-Exploit",
        "trust": 0.1,
        "url": "https://github.com/kienquoc102/CVE-2018-9995-Exploit "
      },
      {
        "title": "Exploits-CVE-2018-9995",
        "trust": 0.1,
        "url": "https://github.com/kienquoc102/Exploits-CVE-2018-9995 "
      },
      {
        "title": "rufbot",
        "trust": 0.1,
        "url": "https://github.com/rufbot/rufbot "
      },
      {
        "title": "Exploit-CVE-2018-9995",
        "trust": 0.1,
        "url": "https://github.com/kienquoc102/Exploit-CVE-2018-9995 "
      },
      {
        "title": "CVE-2018-9995",
        "trust": 0.1,
        "url": "https://github.com/quocquoc181/CVE-2018-9995 "
      },
      {
        "title": "CVE-2018-9995",
        "trust": 0.1,
        "url": "https://github.com/kienquoc102/CVE-2018-9995 "
      },
      {
        "title": "CVE-2018-9995_dvr_credentials",
        "trust": 0.1,
        "url": "https://github.com/ezelf/CVE-2018-9995_dvr_credentials "
      },
      {
        "title": "CVE-2018-9995_dvr_credentials",
        "trust": 0.1,
        "url": "https://github.com/ABIZCHI/CVE-2018-9995_dvr_credentials "
      },
      {
        "title": "CVE-2018-9995-RMTest",
        "trust": 0.1,
        "url": "https://github.com/quocquoc181/CVE-2018-9995-RMTest "
      },
      {
        "title": "https-github.com-fportantier-habu",
        "trust": 0.1,
        "url": "https://github.com/vincentfer/https-github.com-fportantier-habu "
      },
      {
        "title": "cve-2018-9995",
        "trust": 0.1,
        "url": "https://github.com/shacojx/cve-2018-9995 "
      },
      {
        "title": "CVE-2018-995-Remake",
        "trust": 0.1,
        "url": "https://github.com/kienquoc102/CVE-2018-995-Remake "
      },
      {
        "title": "CVE-2018-9995-POC",
        "trust": 0.1,
        "url": "https://github.com/b510/CVE-2018-9995-POC "
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-08885"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-9995"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004376"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-255",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-140027"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004376"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-9995"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://www.bleepingcomputer.com/news/security/new-hacking-tool-lets-users-access-a-bunch-of-dvrs-and-their-video-feeds/"
      },
      {
        "trust": 1.7,
        "url": "https://www.exploit-db.com/exploits/44577/"
      },
      {
        "trust": 1.7,
        "url": "http://misteralfa-hack.blogspot.cl/2018/04/tbk-vision-dvr-login-bypass.html"
      },
      {
        "trust": 1.7,
        "url": "http://misteralfa-hack.blogspot.cl/2018/04/update-dvr-login-bypass-cve-2018-9995.html"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-9995"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-9995"
      },
      {
        "trust": 0.6,
        "url": "http://tbkvision.com/producto/tbk-dvr4104/"
      },
      {
        "trust": 0.6,
        "url": "https://github.com/ezelf/cve-2018-9995_dvr_credentials"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-08885"
      },
      {
        "db": "VULHUB",
        "id": "VHN-140027"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004376"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-454"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-9995"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-08885"
      },
      {
        "db": "VULHUB",
        "id": "VHN-140027"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-9995"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004376"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-454"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-9995"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-05-04T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-08885"
      },
      {
        "date": "2018-04-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-140027"
      },
      {
        "date": "2018-04-10T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-9995"
      },
      {
        "date": "2018-06-19T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-004376"
      },
      {
        "date": "2018-04-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201804-454"
      },
      {
        "date": "2018-04-10T22:29:00.290000",
        "db": "NVD",
        "id": "CVE-2018-9995"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-05-04T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-08885"
      },
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-140027"
      },
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-9995"
      },
      {
        "date": "2018-06-19T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-004376"
      },
      {
        "date": "2019-10-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201804-454"
      },
      {
        "date": "2024-11-21T04:16:00.300000",
        "db": "NVD",
        "id": "CVE-2018-9995"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-454"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "TBK DVR4104 and  DVR4216 Vulnerabilities related to certificate and password management in devices",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004376"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "trust management problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-454"
      }
    ],
    "trust": 0.6
  }
}

cve-2018-10676
Vulnerability from cvelistv5
Published
2018-05-02 18:00
Modified
2024-09-17 02:06
Severity ?
Summary
CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision DVR devices allow remote attackers to download a file and obtain sensitive credential information via a direct request for the download.rsp URI.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:46:46.297Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://misteralfa-hack.blogspot.cl/2018/05/0day-dvr-multivendor.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision DVR devices allow remote attackers to download a file and obtain sensitive credential information via a direct request for the download.rsp URI."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-05-02T18:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://misteralfa-hack.blogspot.cl/2018/05/0day-dvr-multivendor.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-10676",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision DVR devices allow remote attackers to download a file and obtain sensitive credential information via a direct request for the download.rsp URI."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://misteralfa-hack.blogspot.cl/2018/05/0day-dvr-multivendor.html",
              "refsource": "MISC",
              "url": "http://misteralfa-hack.blogspot.cl/2018/05/0day-dvr-multivendor.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-10676",
    "datePublished": "2018-05-02T18:00:00Z",
    "dateReserved": "2018-05-02T00:00:00Z",
    "dateUpdated": "2024-09-17T02:06:41.186Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-9995
Vulnerability from cvelistv5
Published
2018-04-10 22:00
Modified
2024-08-05 07:32
Severity ?
Summary
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:32:01.171Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.bleepingcomputer.com/news/security/new-hacking-tool-lets-users-access-a-bunch-of-dvrs-and-their-video-feeds/"
          },
          {
            "name": "44577",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/44577/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://misteralfa-hack.blogspot.cl/2018/04/tbk-vision-dvr-login-bypass.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://misteralfa-hack.blogspot.cl/2018/04/update-dvr-login-bypass-cve-2018-9995.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-04-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a \"Cookie: uid=admin\" header, as demonstrated by a device.rsp?opt=user\u0026cmd=list request that provides credentials within JSON data in a response."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-05-04T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.bleepingcomputer.com/news/security/new-hacking-tool-lets-users-access-a-bunch-of-dvrs-and-their-video-feeds/"
        },
        {
          "name": "44577",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/44577/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://misteralfa-hack.blogspot.cl/2018/04/tbk-vision-dvr-login-bypass.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://misteralfa-hack.blogspot.cl/2018/04/update-dvr-login-bypass-cve-2018-9995.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-9995",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a \"Cookie: uid=admin\" header, as demonstrated by a device.rsp?opt=user\u0026cmd=list request that provides credentials within JSON data in a response."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.bleepingcomputer.com/news/security/new-hacking-tool-lets-users-access-a-bunch-of-dvrs-and-their-video-feeds/",
              "refsource": "MISC",
              "url": "https://www.bleepingcomputer.com/news/security/new-hacking-tool-lets-users-access-a-bunch-of-dvrs-and-their-video-feeds/"
            },
            {
              "name": "44577",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/44577/"
            },
            {
              "name": "http://misteralfa-hack.blogspot.cl/2018/04/tbk-vision-dvr-login-bypass.html",
              "refsource": "MISC",
              "url": "http://misteralfa-hack.blogspot.cl/2018/04/tbk-vision-dvr-login-bypass.html"
            },
            {
              "name": "http://misteralfa-hack.blogspot.cl/2018/04/update-dvr-login-bypass-cve-2018-9995.html",
              "refsource": "MISC",
              "url": "http://misteralfa-hack.blogspot.cl/2018/04/update-dvr-login-bypass-cve-2018-9995.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-9995",
    "datePublished": "2018-04-10T22:00:00",
    "dateReserved": "2018-04-10T00:00:00",
    "dateUpdated": "2024-08-05T07:32:01.171Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}