Details of VAR-201807-2269

ID

VAR-201807-2269

TITLE

Unauthorized Access Vulnerability in Yestv Camera

Trust: 0.6

sources: CNVD: CNVD-2018-12353

DESCRIPTION

Yestv camera is a smart monitor for wireless network wifi. An unauthorized access vulnerability exists in the camera of yestv. By obtaining the address and username and password, an attacker can use the vulnerability to obtain video information of the camera.

Trust: 0.6

sources: CNVD: CNVD-2018-12353

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-12353

AFFECTED PRODUCTS

vendor:

yashiwei security

model:

yestv camera

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2018-12353

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2018-12353
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2018-12353
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2018-12353

PATCH

title:

Unauthorized Access Vulnerability in Yestv Webcam

url:

https://www.cnvd.org.cn/patchinfo/show/131621

Trust: 0.6

sources: CNVD: CNVD-2018-12353

EXTERNAL IDS

db:

CNVD

id:

CNVD-2018-12353

Trust: 0.6

sources: CNVD: CNVD-2018-12353

SOURCES

db:

CNVD

id:

CNVD-2018-12353

LAST UPDATE DATE

2022-05-04T10:15:51.690000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2018-12353

date:

2018-06-29T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2018-12353

date:

2018-07-19T00:00:00