Details of VAR-201610-0707

ID

VAR-201610-0707

TITLE

\302\240Server-Side Request Forgery (SSRF) Vulnerability in AVTECH DVR

Trust: 0.6

sources: CNVD: CNVD-2016-08736

DESCRIPTION

AVTECH, founded in 1996, is one of the world's leading manufacturers of CCTV. The main products are monitoring equipment, network cameras, network video recorders and so on. There is a server side request forgery (SSRF) vulnerability in AVTECHDVR. Search.cgi provides search and access services for network cameras on the local network. Since an unauthenticated attacker can directly access the search interface, an attacker can exploit the vulnerability by modifying the IP, port, and queryb64str parameters to perform arbitrary HTTP requests on the DVR device.

Trust: 0.6

sources: CNVD: CNVD-2016-08736

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-08736

AFFECTED PRODUCTS

vendor:

avtech

model:

dvr

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2016-08736

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2016-08736
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2016-08736
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2016-08736

EXTERNAL IDS

db:

CNVD

id:

CNVD-2016-08736

Trust: 0.6

sources: CNVD: CNVD-2016-08736

REFERENCES

url:	http://seclists.org/bugtraq/2016/oct/26	Trust: 0.6
url:	http://www.search-lab.hu/advisories/126-avtech-devices-multiple-vulnerabilities	Trust: 0.6

sources: CNVD: CNVD-2016-08736

SOURCES

db:

CNVD

id:

CNVD-2016-08736

LAST UPDATE DATE

2022-05-04T10:16:22.747000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2016-08736

date:

2016-10-13T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2016-08736

date:

2016-10-13T00:00:00