Sign-up

ID

VAR-201610-0716


TITLE

SQL injection vulnerability exists in vigocam network camera login system

Trust: 0.6

sources: CNVD: CNVD-2016-05780

DESCRIPTION

Domain High Tech (Hangzhou) Co., Ltd. is a network camera manufacturer. There is a SQL injection vulnerability in the vigocam network camera login system. Allows an attacker to exploit a vulnerability to obtain database sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2016-05780

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-05780

AFFECTED PRODUCTS

vendor:domain high techmodel:vigocam network camera login systemscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2016-05780

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2016-05780
value: HIGH

Trust: 0.6

CNVD: CNVD-2016-05780
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2016-05780

EXTERNAL IDS

db:WOOYUNid:WOOYUN-2016-0230709

Trust: 0.6

db:CNVDid:CNVD-2016-05780

Trust: 0.6

sources: CNVD: CNVD-2016-05780

REFERENCES

url:http://www.wooyun.org/bugs/wooyun-2016-0230709

Trust: 0.6

sources: CNVD: CNVD-2016-05780

SOURCES

db:CNVDid:CNVD-2016-05780

LAST UPDATE DATE

2022-05-17T01:59:58.567000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2016-05780date:2016-08-22T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2016-05780date:2016-10-20T00:00:00