| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 3 Oct 2017 15:32:55 +0300
From: Maor Shwartz <maors@...ondsecurity.com>
To: fulldisclosure@...lists.org
Cc: SecuriTeam Secure Disclosure <ssd@...ondsecurity.com>
Subject: [FD] SSD Advisory – Tiandy IP cameras Sensitive Information Disclosure
SSD Advisory – Tiandy IP cameras Sensitive Information Disclosure
Full report: https://blogs.securiteam.com/index.php/archives/3444
Twitter: @SecuriTeam_SSD
Weibo: SecuriTeam_SSD
Vulnerability Summary
The following advisory describes sensitive information Disclosure found in
Tiandy IP cameras version 5.56.17.120
Tianjin Tiandy Digital Technology Co., Ltd ( Tiandy Tech) is “one of top 10
leading CCTV manufacturer in China and a global supplier of advanced video
surveillance solutions.”
Credit
An independent security researcher, Netfairy, has reported this
vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.
Vendor response
We tried to contact Tiandy starting from August 16 2017, repeated attempts
to establish contact went unanswered. At this time there is no solution or
workaround for this vulnerability.
--
Thanks
Maor Shwartz
Beyond Security
GPG Key ID: 93CC36E2DE7FF514
Download attachment "SSD Advisory – Tiandy IP cameras Sensitive Information Disclosure – SecuriTeam Blogs.pdf" of type "application/pdf" (78013 bytes)
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists