VYPR

Camera Firmware

by Acti

CVEs (3)

  • CVE-2017-3186CriDec 16, 2017
    risk 0.64cvss 9.8epss 0.06

    ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC use non-random default credentials across all devices. A remote attacker can take complete control of a device using default admin credentials.

  • CVE-2017-3185CriDec 16, 2017
    risk 0.64cvss 9.8epss 0.03

    ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have a web application that uses the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through…

  • CVE-2017-3184CriDec 16, 2017
    risk 0.64cvss 9.8epss 0.06

    ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC fail to properly restrict access to the factory reset page. An unauthenticated, remote attacker can exploit this vulnerability by directly accessing the…