High severity8.1NVD Advisory· Published Jun 4, 2020· Updated Jun 17, 2026
CVE-2020-11681
CVE-2020-11681
Description
Castel NextGen DVR v1.0.0 stores and displays credentials for the associated SMTP server in cleartext. Low privileged users can exploit this to create an administrator user and obtain the SMTP credentials.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Castel/NextGen DVRdescription
- Range: = 1.0.0
Patches
Vulnerability mechanics
References
3- packetstormsecurity.com/files/157954/Castel-NextGen-DVR-1.0.0-Bypass-CSRF-Disclosure.htmlnvdThird Party Advisory
- seclists.org/fulldisclosure/2020/Jun/8nvdMailing ListThird Party Advisory
- www.securitymetrics.com/blog/attackers-known-unknown-authorization-bypassnvdThird Party Advisory
News mentions
0No linked articles in our index yet.