Details of VAR-202107-1794

ID

VAR-202107-1794

TITLE

KGuard DVR has unauthorized access vulnerability

Trust: 0.6

sources: CNVD: CNVD-2021-50120

DESCRIPTION

Yingying Information actively creates a smart road monitoring integration platform, and has been earnestly operating its own brand KGuard for many years. Its main products include home security combokits for digital surveillance video recorders (Home Security ComboKit), etc. KGuard DVR has an unauthorized access vulnerability. Attackers can use this vulnerability to obtain sensitive information and provide arbitrary command execution.

Trust: 0.6

sources: CNVD: CNVD-2021-50120

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-50120

AFFECTED PRODUCTS

vendor:

kguard

model:

dvr

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2021-50120

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-50120
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2021-50120
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-50120

EXTERNAL IDS

db:	SEEBUG	id:	SSVID-99285	Trust: 0.6
db:	CNVD	id:	CNVD-2021-50120	Trust: 0.6

sources: CNVD: CNVD-2021-50120

REFERENCES

url:

https://www.seebug.org/vuldb/ssvid-99285

Trust: 0.6

sources: CNVD: CNVD-2021-50120

SOURCES

db:

CNVD

id:

CNVD-2021-50120

LAST UPDATE DATE

2022-05-17T01:52:18.514000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-50120

date:

2021-07-13T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-50120

date:

2021-07-06T00:00:00