CNVD-2015-02691

Vulnerability from cnvd - Published: 2025-04-01
VLAI Severity ?
Title
佳能Canon vb-c60摄像头存在远程控制后门漏洞
Description
日本佳能是一家致力于图像、光学和办公自动化产品的日本公司,产品包括照相机、摄像机、复印机、传真机、影像扫描器和打印机等。 佳能(canon)vb-c60摄像头存在远程控制后门漏洞,允许攻击者在无需身份认证的情况,向image.cgi发送带有特定参数的get请求,进而可控制摄像头上下,左右转动,调整焦距。
Severity
Patch Name
佳能(Canon)VB-C60网络摄像机存在未授权访问和控制漏洞
Patch Description
电话至010-8513-9833(确认技术支持科的刘瑛璐 的邮箱),将通报发送至Yinglu_Liu@canon.com.cn邮箱中处置。
Formal description

用户可参考如下供应商提供的安全公告获得补丁信息: http://www.canon.com.cn/support/announce/products/an_2015-05-29.html

Impacted products
Name
日本佳能 canon VB-C60 v1.1.3
Show details on source website
To clipboard 

{
  "description": "\u65e5\u672c\u4f73\u80fd\u662f\u4e00\u5bb6\u81f4\u529b\u4e8e\u56fe\u50cf\u3001\u5149\u5b66\u548c\u529e\u516c\u81ea\u52a8\u5316\u4ea7\u54c1\u7684\u65e5\u672c\u516c\u53f8\uff0c\u4ea7\u54c1\u5305\u62ec\u7167\u76f8\u673a\u3001\u6444\u50cf\u673a\u3001\u590d\u5370\u673a\u3001\u4f20\u771f\u673a\u3001\u5f71\u50cf\u626b\u63cf\u5668\u548c\u6253\u5370\u673a\u7b49\u3002\r\n\r\n\u4f73\u80fd\uff08canon\uff09vb-c60\u6444\u50cf\u5934\u5b58\u5728\u8fdc\u7a0b\u63a7\u5236\u540e\u95e8\u6f0f\u6d1e\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u5728\u65e0\u9700\u8eab\u4efd\u8ba4\u8bc1\u7684\u60c5\u51b5\uff0c\u5411image.cgi\u53d1\u9001\u5e26\u6709\u7279\u5b9a\u53c2\u6570\u7684get\u8bf7\u6c42\uff0c\u8fdb\u800c\u53ef\u63a7\u5236\u6444\u50cf\u5934\u4e0a\u4e0b\uff0c\u5de6\u53f3\u8f6c\u52a8\uff0c\u8c03\u6574\u7126\u8ddd\u3002",
  "discovererName": "\u90d1\u5c27\u6587 \u5b59\u5229\u6c11 \u6731\u7ea2\u677e \u77f3\u5fd7\u5f3a",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://www.canon.com.cn/support/announce/products/an_2015-05-29.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-02691",
  "openTime": "2025-04-01",
  "patchDescription": "\u7535\u8bdd\u81f3010-8513-9833\uff08\u786e\u8ba4\u6280\u672f\u652f\u6301\u79d1\u7684\u5218\u745b\u7490\r\n\u7684\u90ae\u7bb1\uff09\uff0c\u5c06\u901a\u62a5\u53d1\u9001\u81f3Yinglu_Liu@canon.com.cn\u90ae\u7bb1\u4e2d\u5904\u7f6e\u3002",
  "patchName": "\u4f73\u80fd(Canon)VB-C60\u7f51\u7edc\u6444\u50cf\u673a\u5b58\u5728\u672a\u6388\u6743\u8bbf\u95ee\u548c\u63a7\u5236\u6f0f\u6d1e",
  "products": {
    "product": "\u65e5\u672c\u4f73\u80fd canon VB-C60 v1.1.3"
  },
  "serverity": "\u9ad8",
  "submitTime": "2015-04-11",
  "title": "\u4f73\u80fdCanon vb-c60\u6444\u50cf\u5934\u5b58\u5728\u8fdc\u7a0b\u63a7\u5236\u540e\u95e8\u6f0f\u6d1e"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.