VAR-201307-0550
Vulnerability from variot - Updated: 2022-05-17 01:463S Vision is a camera device. 3S N1072, N1073 and N3071 are all network cameras from Taiwan 3S. A security bypass vulnerability exists in 3S Vision N1072, N1073, N3071 Network Cameras, which originates from the use of hard-coded credentials in the program. An attacker could use this vulnerability to gain administrator access to the affected device. Vulnerabilities exist in the following versions: N1072 Network camera runs firmware version 1.07_STD-1, N1073 Network camera runs firmware version 1.02_STD-1, and N3071 Network camera runs firmware version 1.05_STD-1
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201307-0550",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "vision n3071 network camera",
"scope": null,
"trust": 0.6,
"vendor": "3s pocketnet",
"version": null
},
{
"model": "vision n1073 network camera",
"scope": null,
"trust": 0.6,
"vendor": "3s pocketnet",
"version": null
},
{
"model": "vision n1072 network camera",
"scope": null,
"trust": 0.6,
"vendor": "3s pocketnet",
"version": null
},
{
"model": "vision n3071 network camera 1.05 std-1",
"scope": null,
"trust": 0.3,
"vendor": "3s",
"version": null
},
{
"model": "vision n1073 network camera 1.02 std-1",
"scope": null,
"trust": 0.3,
"vendor": "3s",
"version": null
},
{
"model": "vision n1072 network camera 1.07 std-1",
"scope": null,
"trust": 0.3,
"vendor": "3s",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-09676"
},
{
"db": "BID",
"id": "61115"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Roberto Paleari and Alessandro Di Pinto",
"sources": [
{
"db": "BID",
"id": "61115"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-263"
}
],
"trust": 0.9
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-09676",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2013-09676",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-09676"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3S Vision is a camera device. 3S N1072, N1073 and N3071 are all network cameras from Taiwan 3S. \nA security bypass vulnerability exists in 3S Vision N1072, N1073, N3071 Network Cameras, which originates from the use of hard-coded credentials in the program. An attacker could use this vulnerability to gain administrator access to the affected device. Vulnerabilities exist in the following versions: N1072 Network camera runs firmware version 1.07_STD-1, N1073 Network camera runs firmware version 1.02_STD-1, and N3071 Network camera runs firmware version 1.05_STD-1",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-09676"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-263"
},
{
"db": "BID",
"id": "61115"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "61115",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2013-09676",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201307-263",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-09676"
},
{
"db": "BID",
"id": "61115"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-263"
}
]
},
"id": "VAR-201307-0550",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-09676"
}
],
"trust": 1.35
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-09676"
}
]
},
"last_update_date": "2022-05-17T01:46:35.726000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/61115"
},
{
"trust": 0.3,
"url": "http://www.3svision.com.tw/"
},
{
"trust": 0.3,
"url": "http://www.securityfocus.com/archive/1/527191/30/0/threaded"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-09676"
},
{
"db": "BID",
"id": "61115"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-263"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-09676"
},
{
"db": "BID",
"id": "61115"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-263"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-07-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-09676"
},
{
"date": "2013-07-11T00:00:00",
"db": "BID",
"id": "61115"
},
{
"date": "2013-07-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201307-263"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-07-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-09676"
},
{
"date": "2013-07-11T00:00:00",
"db": "BID",
"id": "61115"
},
{
"date": "2013-07-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201307-263"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201307-263"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3S Vision N1072/N1073/N3071 Network Cameras Hardcoded Credentials Security Bypass Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-09676"
},
{
"db": "BID",
"id": "61115"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201307-263"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…