Required CVE Record Information
Description
A vulnerability classified as critical was found in CP Plus Wi-Fi Camera up to 20240401. Affected by this vulnerability is an unknown functionality of the component User Management. The manipulation leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259615. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 3 Total
| Score | Severity | Version | Vector String |
|---|---|---|---|
| 5.4 | MEDIUM | 3.1 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L |
| 5.4 | MEDIUM | 3.0 | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L |
| 5.5 | — | 2.0 | AV:N/AC:L/Au:S/C:N/I:P/A:P |
Credits
- faiyazahmad (VulDB User) reporter
References 4 Total
- vuldb.com: VDB-259615 | CP Plus Wi-Fi Camera User Management improper authorization vdb-entry
- vuldb.com: VDB-259615 | CTI Indicators (IOB, IOC, TTP) signaturepermissions-required
- vuldb.com: Submit #308217 | CPPLUS CP_Plus_Wi-Fi_camera 1.0 Privilege Escalation third-party-advisory
- https://drive.google.com/file/d/1-Fz3G5HQZxBNgeXjPfIR1bEeC_qAegWD/view?usp=sharing exploit
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 4 Total
- vuldb.com: VDB-259615 | CP Plus Wi-Fi Camera User Management improper authorization vdb-entryx_transferred
- vuldb.com: VDB-259615 | CTI Indicators (IOB, IOC, TTP) signaturepermissions-requiredx_transferred
- vuldb.com: Submit #308217 | CPPLUS CP_Plus_Wi-Fi_camera 1.0 Privilege Escalation third-party-advisoryx_transferred
- https://drive.google.com/file/d/1-Fz3G5HQZxBNgeXjPfIR1bEeC_qAegWD/view?usp=sharing exploitx_transferred