Sign-up

ID

VAR-201810-0961


CVE

CVE-2018-12671


TITLE

SV3C HD Camera Vulnerable to information disclosure

Trust: 0.8

sources: JVNDB: JVNDB-2018-013499

DESCRIPTION

An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) web interface can disclose information about the camera including all password sets set within the camera. This information can then be used to gain access to the web interface. SV3C HD Camera Contains an information disclosure vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state

Trust: 1.62

sources: NVD: CVE-2018-12671 // JVNDB: JVNDB-2018-013499

IOT TAXONOMY

category:['camera device']sub_category:camera

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor:sv3cmodel:h.264 poe ip camerascope:eqversion:v2.3.4.2103-s50-ntd-b20170823b

Trust: 1.6

vendor:sv3cmodel:h.264 poe ip camerascope:eqversion:v2.3.4.2103-s50-ntd-b20170508b

Trust: 1.6

vendor:sv3cmodel:h.264 poe ip camerascope:eqversion:2.3.4.2103-s50-ntd-b20170508b

Trust: 0.8

vendor:sv3cmodel:h.264 poe ip camerascope:eqversion:2.3.4.2103-s50-ntd-b20170823b

Trust: 0.8

sources: JVNDB: JVNDB-2018-013499 // CNNVD: CNNVD-201810-1087 // NVD: CVE-2018-12671

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-12671
value: CRITICAL

Trust: 1.0

NVD: CVE-2018-12671
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201810-1087
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2018-12671
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

nvd@nist.gov: CVE-2018-12671
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: JVNDB: JVNDB-2018-013499 // CNNVD: CNNVD-201810-1087 // NVD: CVE-2018-12671

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.8

sources: JVNDB: JVNDB-2018-013499 // NVD: CVE-2018-12671

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201810-1087

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201810-1087

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-013499

PATCH
title:H.264 POE IP Cameraurl:http://www.sv3c.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2018-013499

EXTERNAL IDS
db:NVDid:CVE-2018-12671
Trust: 2.5
db:JVNDBid:JVNDB-2018-013499
Trust: 0.8
db:VULDBid:125795
Trust: 0.6
db:CNNVDid:CNNVD-201810-1087
Trust: 0.6
db:OTHERid:NONE
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            JVNDB: JVNDB-2018-013499 // 
            
            
            
            CNNVD: CNNVD-201810-1087 // 
            
            
            
            NVD: CVE-2018-12671

REFERENCES
url:https://www.bishopfox.com/news/2018/10/sv3c-l-series-hd-camera-multiple-vulnerabilities/
Trust: 2.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12671
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-12671
Trust: 0.8
url:https://vuldb.com/?id.125795
Trust: 0.6
url:https://ieeexplore.ieee.org/abstract/document/10769424
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            JVNDB: JVNDB-2018-013499 // 
            
            
            
            CNNVD: CNNVD-201810-1087 // 
            
            
            
            NVD: CVE-2018-12671

SOURCES
db:OTHERid: - 
db:JVNDBid:JVNDB-2018-013499
db:CNNVDid:CNNVD-201810-1087
db:NVDid:CVE-2018-12671

LAST UPDATE DATE
2025-01-30T19:59:12.743000+00:00

SOURCES UPDATE DATE
db:JVNDBid:JVNDB-2018-013499date:2019-02-21T00:00:00
db:CNNVDid:CNNVD-201810-1087date:2018-10-22T00:00:00
db:NVDid:CVE-2018-12671date:2024-11-21T03:45:38.930

SOURCES RELEASE DATE
db:JVNDBid:JVNDB-2018-013499date:2019-02-21T00:00:00
db:CNNVDid:CNNVD-201810-1087date:2018-10-22T00:00:00
db:NVDid:CVE-2018-12671date:2018-10-19T22:29:00.727