Unrated severityNVD Advisory· Published Sep 4, 2024· Updated Sep 6, 2024

CVE-2024-45177

Description

An issue was discovered in za-internet C-MOR Video Surveillance 5.2401 and 6.00PL01. Due to improper input validation, the C-MOR web interface is vulnerable to persistent cross-site scripting (XSS) attacks. It was found out that the camera configuration is vulnerable to a persistent cross-site scripting attack due to insufficient user input validation.

Affected products

za-internet/C-MOR Video Surveillancecpe-rescue2 versions
(expand)+ 1 more
- (no CPE)
- (no CPE)range: 5.2401, 6.00PL01

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-021.txtmitre
www.syss.de/pentest-blog/mehrere-sicherheitsschwachstellen-in-videoueberwachungssoftware-c-mor-syss-2024-020-bis-030mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000