Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Uniview IP Camera IPC322LB-SF28-A by Uniview

    CVE-2023-0773 (GCVE-0-2023-0773)

    Vulnerability from nvd – Published: 2023-09-19 09:33 – Updated: 2024-09-25 14:40
    VLAI
    Title
    Unauthorized Access Control Vulnerability in Uniview IP Camera
    Summary
    The vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device. Successful exploitation of this vulnerability could allow the attacker to gain complete control of the targeted device.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    Impacted products
    Vendor Product Version
    Uniview Uniview IP Camera IPC322LB-SF28-A Affected: CIPC-B2303.X.X.XXXXXX , ≤ CIPC-B2303.2.8.230105 (custom)
    Affected: DIPC-B1213.X.X.XXXXXX , ≤ DIPC-B1213.6.5.230215 (custom)
    Affected: DIPC-B1216.X.X.XXXXXX , ≤ DIPC-B1216.5.7.230109 (custom)
    Affected: DIPC-B1221.X.X.XXXXXX , ≤ DIPC-B1221.3.5.221202 (custom)
    Affected: DIPC-B1222.X.X.XXXXXX , ≤ DIPC-B1222.3.8.230223 (custom)
    Affected: DIPC-B1225.X.X.XXXXXX , ≤ DIPC-B1225.3.3.221123 (custom)
    Affected: DIPC-B1226.X.X.XXXXXX , ≤ DIPC-B1226.3.6.230105 (custom)
    Affected: DIPC-B1219.X.X.XXXXXX , ≤ DIPC-B1219.2.67.221019 (custom)
    Affected: DIPC-B1223.X.X.XXXXXX , ≤ DIPC-B1223.3.3.221123 (custom)
    Affected: DIPC-B1228.X.X.XXXXXX , ≤ DIPC-B1228.2.65.230207 (custom)
    Affected: DIPC-B1229.X.X.XXXXXX , ≤ DIPC-B1229.1.67.230104 (custom)
    Create a notification for this product.
    uniview ip_camera_ipc322lb-sf28-a Affected: CIPC-B2303.X.X.XXXXXX , ≤ CIPC-B2303.2.8.230105 (custom)
    Affected: DIPC-B1213.X.X.XXXXXX , ≤ DIPC-B1213.6.5.230215 (custom)
    Affected: DIPC-B1216.X.X.XXXXXX , ≤ DIPC-B1216.5.7.230109 (custom)
    Affected: DIPC-B1221.X.X.XXXXXX , ≤ DIPC-B1221.3.5.221202 (custom)
    Affected: DIPC-B1222.X.X.XXXXXX , ≤ DIPC-B1222.3.8.230223 (custom)
    Affected: DIPC-B1225.X.X.XXXXXX , ≤ DIPC-B1225.3.3.221123 (custom)
    Affected: DIPC-B1226.X.X.XXXXXX , ≤ DIPC-B1226.3.6.230105 (custom)
    Affected: DIPC-B1219.X.X.XXXXXX , ≤ DIPC-B1219.2.67.221019 affected (custom)
    Affected: DIPC-B1223.X.X.XXXXXX , ≤ DIPC-B1223.3.3.221123 (custom)
    Affected: DIPC-B1228.X.X.XXXXXX , ≤ DIPC-B1228.2.65.230207 (custom)
    Affected: DIPC-B1229.X.X.XXXXXX , ≤ DIPC-B1229.1.67.230104 (custom)
        cpe:2.3:h:uniview:ip_camera_ipc322lb-sf28-a:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    This vulnerability is reported by Souvik Kandar and Arko Dhar from Redinent Innovations Engineering & Research Team, Karnataka, India.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:24:33.898Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2023-0270"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:uniview:ip_camera_ipc322lb-sf28-a:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ip_camera_ipc322lb-sf28-a",
                "vendor": "uniview",
                "versions": [
                  {
                    "lessThanOrEqual": "CIPC-B2303.2.8.230105",
                    "status": "affected",
                    "version": "CIPC-B2303.X.X.XXXXXX",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "DIPC-B1213.6.5.230215",
                    "status": "affected",
                    "version": "DIPC-B1213.X.X.XXXXXX",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "DIPC-B1216.5.7.230109",
                    "status": "affected",
                    "version": "DIPC-B1216.X.X.XXXXXX",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "DIPC-B1221.3.5.221202",
                    "status": "affected",
                    "version": "DIPC-B1221.X.X.XXXXXX",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "DIPC-B1222.3.8.230223",
                    "status": "affected",
                    "version": "DIPC-B1222.X.X.XXXXXX",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "DIPC-B1225.3.3.221123",
                    "status": "affected",
                    "version": "DIPC-B1225.X.X.XXXXXX",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "DIPC-B1226.3.6.230105",
                    "status": "affected",
                    "version": "DIPC-B1226.X.X.XXXXXX",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "DIPC-B1219.2.67.221019\taffected",
                    "status": "affected",
                    "version": "DIPC-B1219.X.X.XXXXXX",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "DIPC-B1223.3.3.221123",
                    "status": "affected",
                    "version": "DIPC-B1223.X.X.XXXXXX",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "DIPC-B1228.2.65.230207",
                    "status": "affected",
                    "version": "DIPC-B1228.X.X.XXXXXX",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "DIPC-B1229.1.67.230104",
                    "status": "affected",
                    "version": "DIPC-B1229.X.X.XXXXXX",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-0773",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-25T14:27:10.328874Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-25T14:40:18.835Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Uniview IP Camera IPC322LB-SF28-A",
              "vendor": "Uniview",
              "versions": [
                {
                  "lessThanOrEqual": "CIPC-B2303.2.8.230105",
                  "status": "affected",
                  "version": "CIPC-B2303.X.X.XXXXXX",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "DIPC-B1213.6.5.230215",
                  "status": "affected",
                  "version": "DIPC-B1213.X.X.XXXXXX",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "DIPC-B1216.5.7.230109",
                  "status": "affected",
                  "version": "DIPC-B1216.X.X.XXXXXX",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "DIPC-B1221.3.5.221202",
                  "status": "affected",
                  "version": "DIPC-B1221.X.X.XXXXXX",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "DIPC-B1222.3.8.230223",
                  "status": "affected",
                  "version": "DIPC-B1222.X.X.XXXXXX",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "DIPC-B1225.3.3.221123",
                  "status": "affected",
                  "version": "DIPC-B1225.X.X.XXXXXX",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "DIPC-B1226.3.6.230105",
                  "status": "affected",
                  "version": "DIPC-B1226.X.X.XXXXXX",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "DIPC-B1219.2.67.221019",
                  "status": "affected",
                  "version": "DIPC-B1219.X.X.XXXXXX",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "DIPC-B1223.3.3.221123",
                  "status": "affected",
                  "version": "DIPC-B1223.X.X.XXXXXX",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "DIPC-B1228.2.65.230207",
                  "status": "affected",
                  "version": "DIPC-B1228.X.X.XXXXXX",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "DIPC-B1229.1.67.230104",
                  "status": "affected",
                  "version": "DIPC-B1229.X.X.XXXXXX",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "This vulnerability is reported by Souvik Kandar and Arko Dhar from Redinent Innovations Engineering \u0026 Research Team, Karnataka, India."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cbr\u003eThe vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device.\u003cbr\u003e\u003cbr\u003eSuccessful exploitation of this vulnerability could allow the attacker to gain complete control of the targeted device.\u003cbr\u003e"
                }
              ],
              "value": "The vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device.\n\nSuccessful exploitation of this vulnerability could allow the attacker to gain complete control of the targeted device.\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-22",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-22 Exploiting Trust in Client"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287 Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-09-19T09:33:42.479Z",
            "orgId": "66834db9-ab24-42b4-be80-296b2e40335c",
            "shortName": "CERT-In"
          },
          "references": [
            {
              "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2023-0270"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm\"\u003ehttps://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm\u003c/a\u003e"
                }
              ],
              "value": " https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm "
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Unauthorized Access Control Vulnerability in Uniview IP Camera"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "66834db9-ab24-42b4-be80-296b2e40335c",
        "assignerShortName": "CERT-In",
        "cveId": "CVE-2023-0773",
        "datePublished": "2023-09-19T09:33:42.479Z",
        "dateReserved": "2023-02-10T11:41:27.681Z",
        "dateUpdated": "2024-09-25T14:40:18.835Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-0773 (GCVE-0-2023-0773)

    Vulnerability from cvelistv5 – Published: 2023-09-19 09:33 – Updated: 2024-09-25 14:40
    VLAI
    Title
    Unauthorized Access Control Vulnerability in Uniview IP Camera
    Summary
    The vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device. Successful exploitation of this vulnerability could allow the attacker to gain complete control of the targeted device.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    Impacted products
    Vendor Product Version
    Uniview Uniview IP Camera IPC322LB-SF28-A Affected: CIPC-B2303.X.X.XXXXXX , ≤ CIPC-B2303.2.8.230105 (custom)
    Affected: DIPC-B1213.X.X.XXXXXX , ≤ DIPC-B1213.6.5.230215 (custom)
    Affected: DIPC-B1216.X.X.XXXXXX , ≤ DIPC-B1216.5.7.230109 (custom)
    Affected: DIPC-B1221.X.X.XXXXXX , ≤ DIPC-B1221.3.5.221202 (custom)
    Affected: DIPC-B1222.X.X.XXXXXX , ≤ DIPC-B1222.3.8.230223 (custom)
    Affected: DIPC-B1225.X.X.XXXXXX , ≤ DIPC-B1225.3.3.221123 (custom)
    Affected: DIPC-B1226.X.X.XXXXXX , ≤ DIPC-B1226.3.6.230105 (custom)
    Affected: DIPC-B1219.X.X.XXXXXX , ≤ DIPC-B1219.2.67.221019 (custom)
    Affected: DIPC-B1223.X.X.XXXXXX , ≤ DIPC-B1223.3.3.221123 (custom)
    Affected: DIPC-B1228.X.X.XXXXXX , ≤ DIPC-B1228.2.65.230207 (custom)
    Affected: DIPC-B1229.X.X.XXXXXX , ≤ DIPC-B1229.1.67.230104 (custom)
    Create a notification for this product.
    uniview ip_camera_ipc322lb-sf28-a Affected: CIPC-B2303.X.X.XXXXXX , ≤ CIPC-B2303.2.8.230105 (custom)
    Affected: DIPC-B1213.X.X.XXXXXX , ≤ DIPC-B1213.6.5.230215 (custom)
    Affected: DIPC-B1216.X.X.XXXXXX , ≤ DIPC-B1216.5.7.230109 (custom)
    Affected: DIPC-B1221.X.X.XXXXXX , ≤ DIPC-B1221.3.5.221202 (custom)
    Affected: DIPC-B1222.X.X.XXXXXX , ≤ DIPC-B1222.3.8.230223 (custom)
    Affected: DIPC-B1225.X.X.XXXXXX , ≤ DIPC-B1225.3.3.221123 (custom)
    Affected: DIPC-B1226.X.X.XXXXXX , ≤ DIPC-B1226.3.6.230105 (custom)
    Affected: DIPC-B1219.X.X.XXXXXX , ≤ DIPC-B1219.2.67.221019 affected (custom)
    Affected: DIPC-B1223.X.X.XXXXXX , ≤ DIPC-B1223.3.3.221123 (custom)
    Affected: DIPC-B1228.X.X.XXXXXX , ≤ DIPC-B1228.2.65.230207 (custom)
    Affected: DIPC-B1229.X.X.XXXXXX , ≤ DIPC-B1229.1.67.230104 (custom)
        cpe:2.3:h:uniview:ip_camera_ipc322lb-sf28-a:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    This vulnerability is reported by Souvik Kandar and Arko Dhar from Redinent Innovations Engineering & Research Team, Karnataka, India.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:24:33.898Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2023-0270"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:uniview:ip_camera_ipc322lb-sf28-a:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ip_camera_ipc322lb-sf28-a",
                "vendor": "uniview",
                "versions": [
                  {
                    "lessThanOrEqual": "CIPC-B2303.2.8.230105",
                    "status": "affected",
                    "version": "CIPC-B2303.X.X.XXXXXX",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "DIPC-B1213.6.5.230215",
                    "status": "affected",
                    "version": "DIPC-B1213.X.X.XXXXXX",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "DIPC-B1216.5.7.230109",
                    "status": "affected",
                    "version": "DIPC-B1216.X.X.XXXXXX",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "DIPC-B1221.3.5.221202",
                    "status": "affected",
                    "version": "DIPC-B1221.X.X.XXXXXX",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "DIPC-B1222.3.8.230223",
                    "status": "affected",
                    "version": "DIPC-B1222.X.X.XXXXXX",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "DIPC-B1225.3.3.221123",
                    "status": "affected",
                    "version": "DIPC-B1225.X.X.XXXXXX",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "DIPC-B1226.3.6.230105",
                    "status": "affected",
                    "version": "DIPC-B1226.X.X.XXXXXX",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "DIPC-B1219.2.67.221019\taffected",
                    "status": "affected",
                    "version": "DIPC-B1219.X.X.XXXXXX",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "DIPC-B1223.3.3.221123",
                    "status": "affected",
                    "version": "DIPC-B1223.X.X.XXXXXX",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "DIPC-B1228.2.65.230207",
                    "status": "affected",
                    "version": "DIPC-B1228.X.X.XXXXXX",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "DIPC-B1229.1.67.230104",
                    "status": "affected",
                    "version": "DIPC-B1229.X.X.XXXXXX",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-0773",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-25T14:27:10.328874Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-25T14:40:18.835Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Uniview IP Camera IPC322LB-SF28-A",
              "vendor": "Uniview",
              "versions": [
                {
                  "lessThanOrEqual": "CIPC-B2303.2.8.230105",
                  "status": "affected",
                  "version": "CIPC-B2303.X.X.XXXXXX",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "DIPC-B1213.6.5.230215",
                  "status": "affected",
                  "version": "DIPC-B1213.X.X.XXXXXX",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "DIPC-B1216.5.7.230109",
                  "status": "affected",
                  "version": "DIPC-B1216.X.X.XXXXXX",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "DIPC-B1221.3.5.221202",
                  "status": "affected",
                  "version": "DIPC-B1221.X.X.XXXXXX",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "DIPC-B1222.3.8.230223",
                  "status": "affected",
                  "version": "DIPC-B1222.X.X.XXXXXX",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "DIPC-B1225.3.3.221123",
                  "status": "affected",
                  "version": "DIPC-B1225.X.X.XXXXXX",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "DIPC-B1226.3.6.230105",
                  "status": "affected",
                  "version": "DIPC-B1226.X.X.XXXXXX",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "DIPC-B1219.2.67.221019",
                  "status": "affected",
                  "version": "DIPC-B1219.X.X.XXXXXX",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "DIPC-B1223.3.3.221123",
                  "status": "affected",
                  "version": "DIPC-B1223.X.X.XXXXXX",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "DIPC-B1228.2.65.230207",
                  "status": "affected",
                  "version": "DIPC-B1228.X.X.XXXXXX",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "DIPC-B1229.1.67.230104",
                  "status": "affected",
                  "version": "DIPC-B1229.X.X.XXXXXX",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "This vulnerability is reported by Souvik Kandar and Arko Dhar from Redinent Innovations Engineering \u0026 Research Team, Karnataka, India."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cbr\u003eThe vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device.\u003cbr\u003e\u003cbr\u003eSuccessful exploitation of this vulnerability could allow the attacker to gain complete control of the targeted device.\u003cbr\u003e"
                }
              ],
              "value": "The vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device.\n\nSuccessful exploitation of this vulnerability could allow the attacker to gain complete control of the targeted device.\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-22",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-22 Exploiting Trust in Client"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287 Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-09-19T09:33:42.479Z",
            "orgId": "66834db9-ab24-42b4-be80-296b2e40335c",
            "shortName": "CERT-In"
          },
          "references": [
            {
              "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2023-0270"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm\"\u003ehttps://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm\u003c/a\u003e"
                }
              ],
              "value": " https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm "
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Unauthorized Access Control Vulnerability in Uniview IP Camera"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "66834db9-ab24-42b4-be80-296b2e40335c",
        "assignerShortName": "CERT-In",
        "cveId": "CVE-2023-0773",
        "datePublished": "2023-09-19T09:33:42.479Z",
        "dateReserved": "2023-02-10T11:41:27.681Z",
        "dateUpdated": "2024-09-25T14:40:18.835Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }