Intelbras VIP S4320 G2 fins a 20241222 Web Interface /web_caps/webCapsConfig Divulgacion d'informacion

Es estat identificat una vulnerabilitat classificada coma problematic dins Intelbras VIP S3020 G2, VIP S4020 G2, VIP S4020 G3 and VIP S4320 G2 fins a 20241222. Afectat es una foncion desconeguda del fichièr /web_caps/webCapsConfig del component Web Interface. L’utilizacion pòt menar a Divulgacion d'informacion. La declaracion del problèma amb CWE mena a CWE-200. L'anomalia foguèt publicada 22/12/2024. Lo comunicat es partejat per telecargar a netsecfish.notion.site. Aquesta vulnerabilitat es referenciada coma CVE-2024-12896. L'ataca pòt èsser començada a distància. Informacions tecnicas son presentas. De mai, una explotacion es disponibla. L'exploit es conegut pel public e pòt èsser utilizat. Uèi, lo prètz actual per un exploit seriá benlèu a l'entorn de USD $0-$5k per ara. Se declara coma prova-de-concepte. Se pòt telecargar l'exploit a netsecfish.notion.site. Per un 0-day, lo prètz estimat dins lo mercat negre èra environ $0-$5k. Es prepausat de metre en plaça un parafuòc restrictiu. If you want to get best quality of vulnerability data, you may have to visit VulDB.

3 Ajustaments · 89 Punts de donadas

CampCreat
22/12/2024 09:53		Actualizacion 1/2
23/12/2024 00:29		Actualizacion 2/2
24/12/2024 17:56
software_vendorIntelbrasIntelbrasIntelbras
software_nameVIP S3020 G2/VIP S4020 G2/VIP S4020 G3/VIP S4320 G2VIP S3020 G2/VIP S4020 G2/VIP S4020 G3/VIP S4320 G2VIP S3020 G2/VIP S4020 G2/VIP S4020 G3/VIP S4320 G2
software_version<=20241222<=20241222<=20241222
software_componentWeb InterfaceWeb InterfaceWeb Interface
software_file/web_caps/webCapsConfig/web_caps/webCapsConfig/web_caps/webCapsConfig
vulnerability_cweCWE-200 (Divulgacion d'informacion)CWE-200 (Divulgacion d'informacion)CWE-200 (Divulgacion d'informacion)
vulnerability_risk111
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prNNN
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iNNN
cvss3_vuldb_aNNN
cvss3_vuldb_ePPP
cvss3_vuldb_rlWWW
cvss3_vuldb_rcCCC
advisory_urlhttps://netsecfish.notion.site/IntelBras-IP-Camera-Information-Disclosure-15e6b683e67c80a89f89daf59daa9ea8?pvs=73https://netsecfish.notion.site/IntelBras-IP-Camera-Information-Disclosure-15e6b683e67c80a89f89daf59daa9ea8?pvs=73https://netsecfish.notion.site/IntelBras-IP-Camera-Information-Disclosure-15e6b683e67c80a89f89daf59daa9ea8?pvs=73
exploit_availability111
exploit_publicity111
exploit_urlhttps://netsecfish.notion.site/IntelBras-IP-Camera-Information-Disclosure-15e6b683e67c80a89f89daf59daa9ea8?pvs=73https://netsecfish.notion.site/IntelBras-IP-Camera-Information-Disclosure-15e6b683e67c80a89f89daf59daa9ea8?pvs=73https://netsecfish.notion.site/IntelBras-IP-Camera-Information-Disclosure-15e6b683e67c80a89f89daf59daa9ea8?pvs=73
countermeasure_nameFirewallFirewallFirewall
source_cveCVE-2024-12896CVE-2024-12896CVE-2024-12896
cna_responsibleVulDBVulDBVulDB
response_summaryThe vendor assesses that "the information disclosed in the URL is not sensitive or poses any risk to the user".The vendor assesses that "the information disclosed in the URL is not sensitive or poses any risk to the user".The vendor assesses that "the information disclosed in the URL is not sensitive or poses any risk to the user".
cna_eol111
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_auNNN
cvss2_vuldb_ciPPP
cvss2_vuldb_iiNNN
cvss2_vuldb_aiNNN
cvss2_vuldb_ePOCPOCPOC
cvss2_vuldb_rcCCC
cvss2_vuldb_rlWWW
cvss4_vuldb_avNNN
cvss4_vuldb_acLLL
cvss4_vuldb_prNNN
cvss4_vuldb_uiNNN
cvss4_vuldb_vcLLL
cvss4_vuldb_viNNN
cvss4_vuldb_vaNNN
cvss4_vuldb_ePPP
cvss4_vuldb_atNNN
cvss4_vuldb_scNNN
cvss4_vuldb_siNNN
cvss4_vuldb_saNNN
cvss2_vuldb_basescore5.05.05.0
cvss2_vuldb_tempscore4.34.34.3
cvss3_vuldb_basescore5.35.35.3
cvss3_vuldb_tempscore4.94.94.9
cvss3_meta_basescore5.35.35.3
cvss3_meta_tempscore4.95.15.1
cvss4_vuldb_bscore6.96.96.9
cvss4_vuldb_btscore5.55.55.5
advisory_date1734822000 (22/12/2024)1734822000 (22/12/2024)1734822000 (22/12/2024)
price_0day$0-$5k$0-$5k$0-$5k
cve_nvd_summaryA vulnerability was found in Intelbras VIP S3020 G2, VIP S4020 G2, VIP S4020 G3 and VIP S4320 G2 up to 20241222 and classified as problematic. Affected by this issue is some unknown functionality of the file /web_caps/webCapsConfig of the component Web Interface. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor assesses that "the information disclosed in the URL is not sensitive or poses any risk to the user".A vulnerability was found in Intelbras VIP S3020 G2, VIP S4020 G2, VIP S4020 G3 and VIP S4320 G2 up to 20241222 and classified as problematic. Affected by this issue is some unknown functionality of the file /web_caps/webCapsConfig of the component Web Interface. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor assesses that "the information disclosed in the URL is not sensitive or poses any risk to the user".
cvss4_cna_avNN
cvss4_cna_acLL
cvss4_cna_atNN
cvss4_cna_prNN
cvss4_cna_uiNN
cvss4_cna_vcLL
cvss4_cna_viNN
cvss4_cna_vaNN
cvss4_cna_scNN
cvss4_cna_siNN
cvss4_cna_saNN
cvss4_cna_bscore6.96.9
cvss3_cna_avNN
cvss3_cna_acLL
cvss3_cna_prNN
cvss3_cna_uiNN
cvss3_cna_sUU
cvss3_cna_cLL
cvss3_cna_iNN
cvss3_cna_aNN
cvss3_cna_basescore5.35.3
cvss2_cna_avNN
cvss2_cna_acLL
cvss2_cna_auNN
cvss2_cna_ciPP
cvss2_cna_iiNN
cvss2_cna_aiNN
cvss2_cna_basescore55
cve_nvd_summaryesSe ha detectado una vulnerabilidad en Intelbras VIP S3020 G2, VIP S4020 G2, VIP S4020 G3 y VIP S4320 G2 hasta 20241222 y se ha clasificado como problemática. Este problema afecta a algunas funciones desconocidas del archivo /web_caps/webCapsConfig del componente Web Interface. La manipulación conduce a la divulgación de información. El ataque puede ejecutarse de forma remota. El exploit ha sido divulgado al público y puede utilizarse. El proveedor evalúa que "la información divulgada en la URL no es sensible ni supone ningún riesgo para el usuario".

TornarVista D'ensembleContunhar

Do you want to use VulDB in your project?

Use the official API to access entries easily!