Search criteria
5 vulnerabilities found for cipcamptiwl by conceptronic
VAR-201401-0286
Vulnerability from variot - Updated: 2025-04-11 22:13Cross-site request forgery (CSRF) vulnerability in set_users.cgi in Conceptronic CIPCAMPTIWL Camera 1.0 with firmware 21.37.2.49 allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users. Conceptronic CIPCAMPTIWL is an IP camera device. Conceptronic CIPCAMPTIWL is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks. Conceptronic CIPCAMPTIWL Camera is a wireless network camera product of German Conceptronic Company
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201401-0286",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cipcamptiwl",
"scope": "eq",
"trust": 1.8,
"vendor": "conceptronic",
"version": "1.0"
},
{
"model": "cipcamptiwl 1.0",
"scope": "eq",
"trust": 1.6,
"vendor": "conceptronic",
"version": "21.37.2.49"
},
{
"model": "cipcamptiwl",
"scope": "eq",
"trust": 0.8,
"vendor": "conceptronic",
"version": "21.37.2.49"
},
{
"model": "camera cipcamptiwl",
"scope": "eq",
"trust": 0.6,
"vendor": "conceptronic",
"version": "21.37.2.49"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-00230"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005854"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-188"
},
{
"db": "NVD",
"id": "CVE-2013-7204"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:conceptronic:cipcamptiwl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:conceptronic:cipcamptiwl_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005854"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Felipe Molina",
"sources": [
{
"db": "BID",
"id": "64761"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-188"
}
],
"trust": 0.9
},
"cve": "CVE-2013-7204",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2013-7204",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-00230",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-67206",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-7204",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2013-7204",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2014-00230",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201401-188",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-67206",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-00230"
},
{
"db": "VULHUB",
"id": "VHN-67206"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005854"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-188"
},
{
"db": "NVD",
"id": "CVE-2013-7204"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site request forgery (CSRF) vulnerability in set_users.cgi in Conceptronic CIPCAMPTIWL Camera 1.0 with firmware 21.37.2.49 allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users. Conceptronic CIPCAMPTIWL is an IP camera device. Conceptronic CIPCAMPTIWL is prone to a cross-site request-forgery vulnerability. \nExploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks. Conceptronic CIPCAMPTIWL Camera is a wireless network camera product of German Conceptronic Company",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-7204"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005854"
},
{
"db": "CNVD",
"id": "CNVD-2014-00230"
},
{
"db": "BID",
"id": "64761"
},
{
"db": "VULHUB",
"id": "VHN-67206"
}
],
"trust": 2.52
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-67206",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67206"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-7204",
"trust": 3.5
},
{
"db": "OSVDB",
"id": "101930",
"trust": 2.5
},
{
"db": "EXPLOIT-DB",
"id": "30914",
"trust": 1.7
},
{
"db": "BID",
"id": "64761",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005854",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201401-188",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2014-00230",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20140110 [CVE-2013-7204] CSRF IN CONCEPTRONIC IP CAMERA (CIPCAMPTIWL)",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-84271",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "124747",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-67206",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2014-00230"
},
{
"db": "VULHUB",
"id": "VHN-67206"
},
{
"db": "BID",
"id": "64761"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005854"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-188"
},
{
"db": "NVD",
"id": "CVE-2013-7204"
}
]
},
"id": "VAR-201401-0286",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2014-00230"
},
{
"db": "VULHUB",
"id": "VHN-67206"
}
],
"trust": 1.425
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"camera device"
],
"sub_category": "camera",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2014-00230"
}
]
},
"last_update_date": "2025-04-11T22:13:55.419000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Wireless Pan\u0026Tilt Network Camera",
"trust": 0.8,
"url": "http://www.conceptronic.net/product.php?id=617\u0026linkid=589"
},
{
"title": "Conceptronic CIPCAMPTIWL \u0027set_users.cgi\u0027 patch for cross-site request forgery vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/42357"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-00230"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005854"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67206"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005854"
},
{
"db": "NVD",
"id": "CVE-2013-7204"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://osvdb.org/101930"
},
{
"trust": 1.7,
"url": "http://www.exploit-db.com/exploits/30914"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/530717/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-7204"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-7204"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/530717"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/530717/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/64761"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2014-00230"
},
{
"db": "VULHUB",
"id": "VHN-67206"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005854"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-188"
},
{
"db": "NVD",
"id": "CVE-2013-7204"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2014-00230"
},
{
"db": "VULHUB",
"id": "VHN-67206"
},
{
"db": "BID",
"id": "64761"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005854"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-188"
},
{
"db": "NVD",
"id": "CVE-2013-7204"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-01-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-00230"
},
{
"date": "2014-01-17T00:00:00",
"db": "VULHUB",
"id": "VHN-67206"
},
{
"date": "2014-01-10T00:00:00",
"db": "BID",
"id": "64761"
},
{
"date": "2014-01-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005854"
},
{
"date": "2014-01-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201401-188"
},
{
"date": "2014-01-17T15:18:02.683000",
"db": "NVD",
"id": "CVE-2013-7204"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-01-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-00230"
},
{
"date": "2018-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-67206"
},
{
"date": "2014-01-10T00:00:00",
"db": "BID",
"id": "64761"
},
{
"date": "2014-01-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005854"
},
{
"date": "2014-01-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201401-188"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-7204"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201401-188"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Conceptronic CIPCAMPTIWL Camera Cross-site request forgery vulnerability in some firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005854"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201401-188"
}
],
"trust": 0.6
}
}
VAR-201801-1336
Vulnerability from variot - Updated: 2024-11-23 23:12An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. CSRF exists in hy-cgi/user.cgi, as demonstrated by changing an administrator password or adding a new administrator account. Conceptronic CIPCAMPTIWL The device contains a cross-site request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ConceptronicCIPCAMPTIWL is a wireless network camera product from Conceptronic, Germany. A cross-site request forgery vulnerability exists in the hy-cgi/user.cgi file in the Conceptronic CIPCAMPTIWL version 30.61.30.21. A remote attacker could exploit the vulnerability to change an administrator certificate or create a new user
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201801-1336",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cipcamptiwl web",
"scope": "eq",
"trust": 1.6,
"vendor": "conceptronic",
"version": "0.61.30.21"
},
{
"model": "cipcamptiwl",
"scope": "eq",
"trust": 1.6,
"vendor": "conceptronic",
"version": "00.30.01.0047p3"
},
{
"model": "cipcam1080ptiwl",
"scope": null,
"trust": 0.8,
"vendor": "conceptronic",
"version": null
},
{
"model": "cipcamptiwl",
"scope": "eq",
"trust": 0.8,
"vendor": "conceptronic",
"version": "v3 0.61.30.21"
},
{
"model": "cipcamptiwl",
"scope": "eq",
"trust": 0.6,
"vendor": "conceptronic",
"version": "30.61.30.21"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04510"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001759"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1072"
},
{
"db": "NVD",
"id": "CVE-2018-6408"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:conceptronic:cipcamptiwl_web_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:conceptronic:cipcamptiwl_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001759"
}
]
},
"cve": "CVE-2018-6408",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2018-6408",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2018-04510",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-136440",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-6408",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-6408",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-6408",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-04510",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-1072",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-136440",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-6408",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04510"
},
{
"db": "VULHUB",
"id": "VHN-136440"
},
{
"db": "VULMON",
"id": "CVE-2018-6408"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001759"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1072"
},
{
"db": "NVD",
"id": "CVE-2018-6408"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. CSRF exists in hy-cgi/user.cgi, as demonstrated by changing an administrator password or adding a new administrator account. Conceptronic CIPCAMPTIWL The device contains a cross-site request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ConceptronicCIPCAMPTIWL is a wireless network camera product from Conceptronic, Germany. A cross-site request forgery vulnerability exists in the hy-cgi/user.cgi file in the Conceptronic CIPCAMPTIWL version 30.61.30.21. A remote attacker could exploit the vulnerability to change an administrator certificate or create a new user",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-6408"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001759"
},
{
"db": "CNVD",
"id": "CNVD-2018-04510"
},
{
"db": "VULHUB",
"id": "VHN-136440"
},
{
"db": "VULMON",
"id": "CVE-2018-6408"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-6408",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001759",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1072",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-04510",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-136440",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-6408",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04510"
},
{
"db": "VULHUB",
"id": "VHN-136440"
},
{
"db": "VULMON",
"id": "CVE-2018-6408"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001759"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1072"
},
{
"db": "NVD",
"id": "CVE-2018-6408"
}
]
},
"id": "VAR-201801-1336",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04510"
},
{
"db": "VULHUB",
"id": "VHN-136440"
}
],
"trust": 1.325
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04510"
}
]
},
"last_update_date": "2024-11-23T23:12:16.210000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "IP Network Camera",
"trust": 0.8,
"url": "http://www.conceptronic.net/category.php?cateid=82\u0026cate2id=131#131"
},
{
"title": "ConceptronicIPCam_MultipleVulnerabilities",
"trust": 0.1,
"url": "https://github.com/dreadlocked/ConceptronicIPCam_MultipleVulnerabilities "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-6408"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001759"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-136440"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001759"
},
{
"db": "NVD",
"id": "CVE-2018-6408"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://github.com/dreadlocked/conceptronicipcam_multiplevulnerabilities/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-6408"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-6408"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/352.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/dreadlocked/conceptronicipcam_multiplevulnerabilities"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04510"
},
{
"db": "VULHUB",
"id": "VHN-136440"
},
{
"db": "VULMON",
"id": "CVE-2018-6408"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001759"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1072"
},
{
"db": "NVD",
"id": "CVE-2018-6408"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-04510"
},
{
"db": "VULHUB",
"id": "VHN-136440"
},
{
"db": "VULMON",
"id": "CVE-2018-6408"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001759"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1072"
},
{
"db": "NVD",
"id": "CVE-2018-6408"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-04510"
},
{
"date": "2018-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-136440"
},
{
"date": "2018-01-30T00:00:00",
"db": "VULMON",
"id": "CVE-2018-6408"
},
{
"date": "2018-03-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001759"
},
{
"date": "2018-01-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-1072"
},
{
"date": "2018-01-30T21:29:00.510000",
"db": "NVD",
"id": "CVE-2018-6408"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-04510"
},
{
"date": "2018-02-27T00:00:00",
"db": "VULHUB",
"id": "VHN-136440"
},
{
"date": "2018-02-27T00:00:00",
"db": "VULMON",
"id": "CVE-2018-6408"
},
{
"date": "2018-03-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001759"
},
{
"date": "2018-01-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-1072"
},
{
"date": "2024-11-21T04:10:39.257000",
"db": "NVD",
"id": "CVE-2018-6408"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-1072"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Conceptronic CIPCAMPTIWL Cross-Site Request Forgery Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04510"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1072"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-1072"
}
],
"trust": 0.6
}
}
VAR-201801-1335
Vulnerability from variot - Updated: 2024-11-23 22:12An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to /hy-cgi/devices.cgi?cmd=searchlandevice. The crash completely freezes the device. Conceptronic CIPCAMPTIWL The device contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. ConceptronicCIPCAMPTIWL is an IP camera capable of recording audio and video and transmitting it over a network. A denial of service vulnerability exists in ConceptronicCIPCAMPTIWLV30.61.30.21. Conceptronic CIPCAMPTIWL is a wireless network camera product of German Conceptronic Company
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201801-1335",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cipcamptiwl web",
"scope": "eq",
"trust": 1.6,
"vendor": "conceptronic",
"version": "0.61.30.21"
},
{
"model": "cipcamptiwl",
"scope": "eq",
"trust": 1.6,
"vendor": "conceptronic",
"version": "00.30.01.0047p3"
},
{
"model": "cipcam1080ptiwl",
"scope": null,
"trust": 0.8,
"vendor": "conceptronic",
"version": null
},
{
"model": "cipcamptiwl",
"scope": "eq",
"trust": 0.8,
"vendor": "conceptronic",
"version": "v3 0.61.30.21"
},
{
"model": "cipcamptiwl",
"scope": "eq",
"trust": 0.6,
"vendor": "conceptronic",
"version": "30.61.30.21"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04511"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001758"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1073"
},
{
"db": "NVD",
"id": "CVE-2018-6407"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:conceptronic:cipcamptiwl_web_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:conceptronic:cipcamptiwl_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001758"
}
]
},
"cve": "CVE-2018-6407",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-6407",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-04511",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-136439",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2018-6407",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-6407",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-6407",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-04511",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-1073",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-136439",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04511"
},
{
"db": "VULHUB",
"id": "VHN-136439"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001758"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1073"
},
{
"db": "NVD",
"id": "CVE-2018-6407"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to /hy-cgi/devices.cgi?cmd=searchlandevice. The crash completely freezes the device. Conceptronic CIPCAMPTIWL The device contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. ConceptronicCIPCAMPTIWL is an IP camera capable of recording audio and video and transmitting it over a network. A denial of service vulnerability exists in ConceptronicCIPCAMPTIWLV30.61.30.21. Conceptronic CIPCAMPTIWL is a wireless network camera product of German Conceptronic Company",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-6407"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001758"
},
{
"db": "CNVD",
"id": "CNVD-2018-04511"
},
{
"db": "VULHUB",
"id": "VHN-136439"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-6407",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001758",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1073",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-04511",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-136439",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04511"
},
{
"db": "VULHUB",
"id": "VHN-136439"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001758"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1073"
},
{
"db": "NVD",
"id": "CVE-2018-6407"
}
]
},
"id": "VAR-201801-1335",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04511"
},
{
"db": "VULHUB",
"id": "VHN-136439"
}
],
"trust": 1.325
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04511"
}
]
},
"last_update_date": "2024-11-23T22:12:41.487000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "IP Network Camera",
"trust": 0.8,
"url": "http://www.conceptronic.net/category.php?cateid=82\u0026cate2id=131#131"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001758"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-136439"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001758"
},
{
"db": "NVD",
"id": "CVE-2018-6407"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://github.com/dreadlocked/conceptronicipcam_multiplevulnerabilities/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-6407"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-6407"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04511"
},
{
"db": "VULHUB",
"id": "VHN-136439"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001758"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1073"
},
{
"db": "NVD",
"id": "CVE-2018-6407"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-04511"
},
{
"db": "VULHUB",
"id": "VHN-136439"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001758"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1073"
},
{
"db": "NVD",
"id": "CVE-2018-6407"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-04511"
},
{
"date": "2018-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-136439"
},
{
"date": "2018-03-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001758"
},
{
"date": "2018-01-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-1073"
},
{
"date": "2018-01-30T21:29:00.447000",
"db": "NVD",
"id": "CVE-2018-6407"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-04511"
},
{
"date": "2018-02-27T00:00:00",
"db": "VULHUB",
"id": "VHN-136439"
},
{
"date": "2018-03-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001758"
},
{
"date": "2018-01-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-1073"
},
{
"date": "2024-11-21T04:10:39.120000",
"db": "NVD",
"id": "CVE-2018-6407"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-1073"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Conceptronic CIPCAMPTIWL Vulnerability related to input validation on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001758"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-1073"
}
],
"trust": 0.6
}
}
CVE-2013-7204 (GCVE-0-2013-7204)
Vulnerability from nvd – Published: 2014-01-17 15:00 – Updated: 2024-08-06 18:01
VLAI?
Summary
Cross-site request forgery (CSRF) vulnerability in set_users.cgi in Conceptronic CIPCAMPTIWL Camera 1.0 with firmware 21.37.2.49 allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:01:20.107Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101930",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/101930"
},
{
"name": "30914",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/30914"
},
{
"name": "20140110 [CVE-2013-7204] CSRF in Conceptronic IP Camera (CIPCAMPTIWL)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/530717/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in set_users.cgi in Conceptronic CIPCAMPTIWL Camera 1.0 with firmware 21.37.2.49 allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "101930",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/101930"
},
{
"name": "30914",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/30914"
},
{
"name": "20140110 [CVE-2013-7204] CSRF in Conceptronic IP Camera (CIPCAMPTIWL)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/530717/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-7204",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in set_users.cgi in Conceptronic CIPCAMPTIWL Camera 1.0 with firmware 21.37.2.49 allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101930",
"refsource": "OSVDB",
"url": "http://osvdb.org/101930"
},
{
"name": "30914",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/30914"
},
{
"name": "20140110 [CVE-2013-7204] CSRF in Conceptronic IP Camera (CIPCAMPTIWL)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/530717/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-7204",
"datePublished": "2014-01-17T15:00:00.000Z",
"dateReserved": "2013-12-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:01:20.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-7204 (GCVE-0-2013-7204)
Vulnerability from cvelistv5 – Published: 2014-01-17 15:00 – Updated: 2024-08-06 18:01
VLAI?
Summary
Cross-site request forgery (CSRF) vulnerability in set_users.cgi in Conceptronic CIPCAMPTIWL Camera 1.0 with firmware 21.37.2.49 allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:01:20.107Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101930",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/101930"
},
{
"name": "30914",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/30914"
},
{
"name": "20140110 [CVE-2013-7204] CSRF in Conceptronic IP Camera (CIPCAMPTIWL)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/530717/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in set_users.cgi in Conceptronic CIPCAMPTIWL Camera 1.0 with firmware 21.37.2.49 allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "101930",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/101930"
},
{
"name": "30914",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/30914"
},
{
"name": "20140110 [CVE-2013-7204] CSRF in Conceptronic IP Camera (CIPCAMPTIWL)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/530717/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-7204",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in set_users.cgi in Conceptronic CIPCAMPTIWL Camera 1.0 with firmware 21.37.2.49 allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101930",
"refsource": "OSVDB",
"url": "http://osvdb.org/101930"
},
{
"name": "30914",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/30914"
},
{
"name": "20140110 [CVE-2013-7204] CSRF in Conceptronic IP Camera (CIPCAMPTIWL)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/530717/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-7204",
"datePublished": "2014-01-17T15:00:00.000Z",
"dateReserved": "2013-12-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:01:20.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}