Sign-up

ID

VAR-201906-0546


CVE

CVE-2019-12919


TITLE

Shenzhen Cylan Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 Information disclosure vulnerabilities in devices

Trust: 0.8

sources: JVNDB: JVNDB-2019-005780

DESCRIPTION

On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices, an attacker on the local network has unauthenticated access to the internal SD card via the HTTP service on port 8000. The HTTP web server on the camera allows anyone to view or download the video archive recorded and saved on the external memory card attached to the device. Shenzhen Cylan Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 The device contains an information disclosure vulnerability.Information may be obtained. ShenzhenCylanTechnologyCleverDogSmartCameraDOG-2W and ShenzhenCylanTechnologyCleverDogSmartCameraDOG-2W-V4 are smart cameras from China's Shenzhen CylanTechnology. There are security holes in ShenzhenCylanTechnologyCleverDogSmartCameraDOG-2W and ShenzhenCylanTechnologyCleverDogSmartCameraDOG-2W-V4

Trust: 2.25

sources: NVD: CVE-2019-12919 // JVNDB: JVNDB-2019-005780 // CNVD: CNVD-2019-19182 // VULHUB: VHN-144713

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

category:['camera device']sub_category:camera

Trust: 0.1

sources: OTHER: None // CNVD: CNVD-2019-19182

AFFECTED PRODUCTS

vendor:cylanmodel:clever dog smart camera panorama dog-2wscope:eqversion: -

Trust: 1.0

vendor:cylanmodel:clever dog smart camera plus dog-2w-v4scope:eqversion: -

Trust: 1.0

vendor:cylanmodel:cleverdog smart camera panorama dog-2w v4scope: - version: -

Trust: 0.8

vendor:cylanmodel:cleverdog smart camera panorama dog-2wscope: - version: -

Trust: 0.8

vendor: - model:cylan technology clever dog smart camera dog-2wscope: - version: -

Trust: 0.6

vendor: - model:cylan technology clever dog smart camera dog-2w-v4scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2019-19182 // JVNDB: JVNDB-2019-005780 // NVD: CVE-2019-12919

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-12919
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-12919
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2019-19182
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201906-847
value: MEDIUM

Trust: 0.6

VULHUB: VHN-144713
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2019-12919
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-19182
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-144713
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-12919
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2019-19182 // VULHUB: VHN-144713 // JVNDB: JVNDB-2019-005780 // CNNVD: CNNVD-201906-847 // NVD: CVE-2019-12919

PROBLEMTYPE DATA

problemtype:CWE-306

Trust: 1.0

problemtype:CWE-200

Trust: 0.9

sources: VULHUB: VHN-144713 // JVNDB: JVNDB-2019-005780 // NVD: CVE-2019-12919

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201906-847

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201906-847

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-005780

PATCH
title:Top Pageurl:http://www.cleverdog.com.cn/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2019-005780

EXTERNAL IDS
db:NVDid:CVE-2019-12919
Trust: 3.2
db:EXPLOIT-DBid:46993
Trust: 3.1
db:JVNDBid:JVNDB-2019-005780
Trust: 0.8
db:CNNVDid:CNNVD-201906-847
Trust: 0.7
db:EXPLOITDBid:46993
Trust: 0.6
db:CNVDid:CNVD-2019-19182
Trust: 0.6
db:OTHERid:NONE
Trust: 0.1
db:VULHUBid:VHN-144713
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            CNVD: CNVD-2019-19182 // 
            
            
            
            VULHUB: VHN-144713 // 
            
            
            
            JVNDB: JVNDB-2019-005780 // 
            
            
            
            CNNVD: CNNVD-201906-847 // 
            
            
            
            NVD: CVE-2019-12919

REFERENCES
url:https://www.exploit-db.com/exploits/46993
Trust: 3.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-12919
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-12919
Trust: 0.8
url:https://ieeexplore.ieee.org/abstract/document/10769424
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            CNVD: CNVD-2019-19182 // 
            
            
            
            VULHUB: VHN-144713 // 
            
            
            
            JVNDB: JVNDB-2019-005780 // 
            
            
            
            CNNVD: CNNVD-201906-847 // 
            
            
            
            NVD: CVE-2019-12919

SOURCES
db:OTHERid: - 
db:CNVDid:CNVD-2019-19182
db:VULHUBid:VHN-144713
db:JVNDBid:JVNDB-2019-005780
db:CNNVDid:CNNVD-201906-847
db:NVDid:CVE-2019-12919

LAST UPDATE DATE
2025-01-30T21:37:13.491000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-19182date:2019-06-25T00:00:00
db:VULHUBid:VHN-144713date:2019-06-27T00:00:00
db:JVNDBid:JVNDB-2019-005780date:2019-06-28T00:00:00
db:CNNVDid:CNNVD-201906-847date:2019-06-28T00:00:00
db:NVDid:CVE-2019-12919date:2024-11-21T04:23:49.187

SOURCES RELEASE DATE
db:CNVDid:CNVD-2019-19182date:2019-06-24T00:00:00
db:VULHUBid:VHN-144713date:2019-06-20T00:00:00
db:JVNDBid:JVNDB-2019-005780date:2019-06-28T00:00:00
db:CNNVDid:CNNVD-201906-847date:2019-06-20T00:00:00
db:NVDid:CVE-2019-12919date:2019-06-20T19:15:10.057