Sign-up

ID

VAR-201702-1098


TITLE

Shenzhen Haishilian Company's WIFICAM network camera has null password vulnerability

Trust: 0.6

sources: CNVD: CNVD-2016-12875

DESCRIPTION

Shenzhen Haishilian Technology Co., Ltd. is a comprehensive technology enterprise integrating R & D, production, sales and service. The WIFICAM camera is a webcam product of the company. There is an empty password vulnerability in the WIFICAM network camera of Shenzhen Haishilian Company. Since the WIFICAM network camera uses port 81 as the WEB management port, there is a default admin blank password. An attacker could use the vulnerability to obtain remote management rights, which constitutes information leakage.

Trust: 0.6

sources: CNVD: CNVD-2016-12875

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-12875

AFFECTED PRODUCTS

vendor:haishilianmodel:wificam web camerascope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2016-12875

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2016-12875
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2016-12875
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2016-12875

PATCH

title:Shenzhen Haishilian Company's WIFICAM network camera product has a null password vulnerabilityurl:https://www.cnvd.org.cn/patchinfo/show/86592

Trust: 0.6

sources: CNVD: CNVD-2016-12875

EXTERNAL IDS

db:CNVDid:CNVD-2016-12875

Trust: 0.6

sources: CNVD: CNVD-2016-12875

SOURCES

db:CNVDid:CNVD-2016-12875

LAST UPDATE DATE

2022-05-04T08:40:32.175000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2016-12875date:2016-12-26T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2016-12875date:2017-02-06T00:00:00