Message-ID: <OF39703BE8.AC74E1F9-ON48257E6E.005BC5EF-48257E6E.006290EA@ph.ibm.com>
Date: Thu, 25 Jun 2015 01:56:54 +0800
From: Federick Joe P Fajardo <fjpfajardo@...ibm.com>
To: bugtraq@...urityfocus.com
Subject: CVE-2015-4464 Insufficient Authorization Checks Request Handling Remote Authentication Bypass for Kguard Digital Video Recorders
CVEID: CVE-2015-4464
SUBJECT: Insufficient Authorization Checks Request Handling Remote Authentication Bypass for Kguard Digital Video Recorders
DESCRIPTION: A deficiency in authentication and authorization handling has been found in Kguard 104/108/v2 models. Although the ActiveX component uses password-based authentication to protect the login page, the application server on port 9000 accepts requests sent directly to it with insufficient or improper authorization, so the login page does not protect the device and the authentication can be bypassed remotely.
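The pattern described above, where the password check lives in a client-side component while the device's command service trusts whatever it receives, is modelled below as an added example. It is not code from the advisory, the proof of concept or the Raysharp firmware; the command names, the credential, the request format and the token-based fix are assumptions chosen to illustrate the flaw class and the server-side check that closes it.

```python
from typing import Any, Dict, Optional
import hmac
import secrets

# Constructed model of the advisory's flaw class. The ActiveX control checks
# the password on the client; the command service (port 9000 in the advisory)
# executes whatever it is sent. Everything named here is an assumption for
# illustration, not the real device protocol or credential.
DEVICE_PASSWORD = "admin-password"                      # assumed credential
PRIVILEGED_COMMANDS = {"get_config", "set_password", "reboot"}  # assumed command set


def activex_login_gate(password: str) -> bool:
    """Stands in for the client-side password check. It runs on the attacker's
    machine, so anyone who skips the web UI never executes it."""
    return hmac.compare_digest(password.encode(), DEVICE_PASSWORD.encode())


class VulnerableCommandService:
    """Executes any well-formed request: authorization was assumed to have
    already happened in the client, so none is performed here."""

    def handle(self, request: Dict[str, Any]) -> Dict[str, Any]:
        cmd = request.get("cmd")
        if cmd not in PRIVILEGED_COMMANDS:
            return {"ok": False, "error": "unknown command"}
        return {"ok": True, "result": "executed " + cmd}


class HardenedCommandService:
    """Authenticates on the server and checks a server-issued session token on
    every privileged request, so the client-side gate no longer matters."""

    def __init__(self) -> None:
        self._sessions: Dict[str, str] = {}             # token -> role

    def login(self, password: str) -> Optional[str]:
        # Constant-time comparison; returns None on a bad password.
        if not hmac.compare_digest(password.encode(), DEVICE_PASSWORD.encode()):
            return None
        token = secrets.token_hex(16)                   # 128 random bits, unguessable
        self._sessions[token] = "admin"
        return token

    def handle(self, request: Dict[str, Any]) -> Dict[str, Any]:
        cmd = request.get("cmd")
        if cmd not in PRIVILEGED_COMMANDS:
            return {"ok": False, "error": "unknown command"}
        # The check that the vulnerable service lacks: every request must carry
        # a token that this server issued after a successful login.
        if self._sessions.get(request.get("token", "")) is None:
            return {"ok": False, "error": "not authenticated"}
        return {"ok": True, "result": "executed " + cmd}


def direct_request(service, cmd: str, token: Optional[str] = None) -> bool:
    """An attacker speaking straight to the command service, bypassing the
    login page. Returns True if the service executed the command."""
    request: Dict[str, Any] = {"cmd": cmd}
    if token:
        request["token"] = token
    return service.handle(request)["ok"]


if __name__ == "__main__":
    print("vulnerable, no login :", direct_request(VulnerableCommandService(), "set_password"))
    hardened = HardenedCommandService()
    print("hardened, no login   :", direct_request(hardened, "set_password"))
    print("hardened, after login:", direct_request(hardened, "set_password", hardened.login(DEVICE_PASSWORD)))
```

The point of the model is that `activex_login_gate` is never called on the attack path: the vulnerable service executes `set_password` for a caller that never authenticated, while the hardened service refuses the same request until the server itself has issued a session token. Any real fix has to enforce authentication and authorization in the component that executes the command, not in the client that displays the login page.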
CVSS Base Score: 9.7
CVSS Temporal Score: 8.3
CVSS Environmental Score: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:P/E:F/RL:U/RC:UR)
Affected Products and Versions
Kguard Digital Video Recorders: KG-SHA104/KG-SHA108/v2. Other variants that run the same firmware from Zhuhai Raysharp Technology Co Ltd are believed to be vulnerable.
Exploit / Proof of Concept:
https://goo.gl/L5ASRo
Remediation/Fixes
None.
Workarounds and Mitigations
See: [06]
References:
[01] http://www.securityfocus.com/archive/1/534830
[02] http://us.kworld-global.com/main/prod_in.aspx?mnuid=1306&modid=10&prodid=527
[03] http://osvdb.org/show/osvdb/119402
[04] http://osvdb.org/show/osvdb/119422
[05] http://osvdb.org/show/osvdb/119403
[06] https://www.academia.edu/11677554/Kguard_Digital_Video_Recorders_Multiple_Vulnerabilities