0day.today - Biggest Exploit Database in the World.
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn
GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Contact us
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
AVer Information EH6108H+ Authentication Bypass / Inforation Exposure
Author
Risk
[Security Risk High
]0day-ID
Category
Date add
CVE
Platform
AVer Information EH6108H+ hybrid DVR contains multiple vulnerabilities https://www.kb.cert.org/vuls/id/667480 Overview: AVer Information EH6108H+ hybrid DVR, version X9.03.24.00.07l and possibly earlier, reportedly contains multiple vulnerabilities, including undocumented privileged accounts, authentication bypass, and information exposure. Description: AVer Information EH6108H+ hybrid DVR is an IP security camera management system and streaming video recorder. Version X9.03.24.00.07l and possibly earlier are reported to contain multiple vulnerabilities. CWE-798: Use of Hard-coded Credentials - CVE-2016-6535 AVer Information EH6108H+ reportedly contains two undocumented, hard-coded account credentials. Both accounts have root privileges and may be used to gain access via an undocumented telnet service that cannot be disabled through the web user interface and runs by default. CWE-302: Authentication Bypass by Assumed-Immutable Data - CVE-2016-6536 By guessing the handle parameter of the /setup page of the web interface, an unauthenticated attacker reportedly may be able to access restricted pages and alter DVR configurations or change user passwords. CWE-200: Information Exposure - CVE-2016-6537 User credentials are reported to be stored and transmitted in an insecure manner. In the configuration page of the web interface, passwords are stored in base64-encoded strings. In client requests, credentials are listed in plain text in the cookie header. For more information, refer to the researcher's disclosure. (https://www.appsecconsulting.com/blog/easy-root-on-aver-eh6108h-hybrid-dvr- and-more) Impact: A remote, unauthenticated attacker may be able to gain access with root privileges to completely compromise vulnerable devices. Solution: The CERT/CC is currently unaware of a practical solution to this problem and recommends the following workaround. Restrict access As a general good security practice, only allow connections from trusted hosts and networks. References: http://surveillance.aver.com/model/embedded-hybrid-DVR-EH6108H-plus/ https://www.appsecconsulting.com/blog/easy-root-on-aver-eh6108h-hybrid-dvr-a nd-more https://cwe.mitre.org/data/definitions/798.html https://cwe.mitre.org/data/definitions/302.html https://cwe.mitre.org/data/definitions/200.html # 0day.today [2024-11-15] #