VYPR
Critical severity9.8NVD Advisory· Published Jan 6, 2026· Updated Apr 15, 2026

CVE-2020-36925

CVE-2020-36925

Description

Arteco Web Client DVR/NVR contains a session hijacking vulnerability with insufficient session ID complexity that allows remote attackers to bypass authentication. Attackers can brute force session IDs within a specific numeric range to obtain valid sessions and access live camera streams without authorization.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.