VDB-289377 · CVE-2024-12984 · GCVE-100-289377

Amcrest IP2M-841B ଯେପର୍ଯ୍ୟନ୍ତ 20241211 Web Interface /web_caps/webCapsConfig ସୂଚନା ପ୍ରକାଶ

Rakkoon nageenyaa kan ସମସ୍ୟାଜନକ jedhamuun beekamu Amcrest IP2M-841B, IP2M-841W, IPC-IP2M-841B, IPC-IP3M-943B, IPC-IP3M-943S, IPC-IP3M-HX2B and IPC-IPM-721S ଯେପର୍ଯ୍ୟନ୍ତ 20241211 keessatti argameera. Kan miidhamte is hojii hin beekamne faayilii /web_caps/webCapsConfig keessa kutaa Web Interface keessa. Hojii jijjiirraa gara ସୂଚନା ପ୍ରକାଶ geessa. CWE fayyadamuun rakkoo ibsuun gara CWE-200 geessa. Dadhabbii kana yeroo 12/27/2024 maxxanfameera. Odeeffannoon kun buufachuuf netsecfish.notion.site irratti qoodameera. Dogoggorri kun akka CVE-2024-12984tti beekama. Yaaliin weeraraa fageenya irraa jalqabamuu ni danda'a. Faayidaaleen teeknikaa ni jiru. Waliigalatti, meeshaa balaa kana fayyadamuuf jiru. Qorannoo miidhaa (exploit) uummataaf ifoomameera fi fayyadamamuu danda'a. Amma, gatii ammee exploit might be approx. USD $0-$5k ta'uu danda'a. Akka ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ jedhamee ibsameera. Carraa exploit kana netsecfish.notion.site irraa buufachuun ni danda'ama. Akka 0-daytti, gatii daldalaa dhoksaa tilmaamame $0-$5k ta'ee ture. Yaada kennamuuf firewall ugguramaa hojiirra oolchuun ni gorfama. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

2 ଆଡାପ୍ଟେସନ୍ · 87 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 12/27/2024 08:54 AM	ଅଦ୍ୟତନ 1/1 12/27/2024 10:41 PM
software_vendor	Amcrest	Amcrest
software_name	IP2M-841B/IP2M-841W/IPC-IP2M-841B/IPC-IP3M-943B/IPC-IP3M-943S/IPC-IP3M-HX2B/IPC-IPM-721S	IP2M-841B/IP2M-841W/IPC-IP2M-841B/IPC-IP3M-943B/IPC-IP3M-943S/IPC-IP3M-HX2B/IPC-IPM-721S
software_version	<=20241211	<=20241211
software_component	Web Interface	Web Interface
software_file	/web_caps/webCapsConfig	/web_caps/webCapsConfig
vulnerability_cwe	CWE-200 (ସୂଚନା ପ୍ରକାଶ)	CWE-200 (ସୂଚନା ପ୍ରକାଶ)
vulnerability_risk	1	1
cvss3_vuldb_av	N	N
cvss3_vuldb_ac	L	L
cvss3_vuldb_pr	N	N
cvss3_vuldb_ui	N	N
cvss3_vuldb_s	U	U
cvss3_vuldb_c	L	L
cvss3_vuldb_i	N	N
cvss3_vuldb_a	N	N
cvss3_vuldb_e	P	P
cvss3_vuldb_rl	W	W
cvss3_vuldb_rc	R	R
advisory_url	https://netsecfish.notion.site/AMCREST-IP-Camera-Information-Disclosure-1596b683e67c8045ad10c16b3eed456f?pvs=4	https://netsecfish.notion.site/AMCREST-IP-Camera-Information-Disclosure-1596b683e67c8045ad10c16b3eed456f?pvs=4
exploit_availability	1	1
exploit_publicity	1	1
exploit_url	https://netsecfish.notion.site/AMCREST-IP-Camera-Information-Disclosure-1596b683e67c8045ad10c16b3eed456f?pvs=4	https://netsecfish.notion.site/AMCREST-IP-Camera-Information-Disclosure-1596b683e67c8045ad10c16b3eed456f?pvs=4
countermeasure_name	Firewall	Firewall
source_cve	CVE-2024-12984	CVE-2024-12984
cna_responsible	VulDB	VulDB
response_summary	The vendor was contacted early about this disclosure but did not respond in any way.	The vendor was contacted early about this disclosure but did not respond in any way.
cvss2_vuldb_av	N	N
cvss2_vuldb_ac	L	L
cvss2_vuldb_au	N	N
cvss2_vuldb_ci	P	P
cvss2_vuldb_ii	N	N
cvss2_vuldb_ai	N	N
cvss2_vuldb_e	POC	POC
cvss2_vuldb_rc	UR	UR
cvss2_vuldb_rl	W	W
cvss4_vuldb_av	N	N
cvss4_vuldb_ac	L	L
cvss4_vuldb_pr	N	N
cvss4_vuldb_ui	N	N
cvss4_vuldb_vc	L	L
cvss4_vuldb_vi	N	N
cvss4_vuldb_va	N	N
cvss4_vuldb_e	P	P
cvss4_vuldb_at	N	N
cvss4_vuldb_sc	N	N
cvss4_vuldb_si	N	N
cvss4_vuldb_sa	N	N
cvss2_vuldb_basescore	5.0	5.0
cvss2_vuldb_tempscore	4.1	4.1
cvss3_vuldb_basescore	5.3	5.3
cvss3_vuldb_tempscore	4.7	4.7
cvss3_meta_basescore	5.3	5.3
cvss3_meta_tempscore	4.7	5.0
cvss4_vuldb_bscore	6.9	6.9
cvss4_vuldb_btscore	5.5	5.5
advisory_date	1735254000 (12/27/2024)	1735254000 (12/27/2024)
price_0day	$0-$5k	$0-$5k
cvss4_cna_av		N
cvss4_cna_ac		L
cvss4_cna_at		N
cvss4_cna_pr		N
cvss4_cna_ui		N
cvss4_cna_vc		L
cvss4_cna_vi		N
cvss4_cna_va		N
cvss4_cna_sc		N
cvss4_cna_si		N
cvss4_cna_sa		N
cvss4_cna_bscore		6.9
cvss3_cna_av		N
cvss3_cna_ac		L
cvss3_cna_pr		N
cvss3_cna_ui		N
cvss3_cna_s		U
cvss3_cna_c		L
cvss3_cna_i		N
cvss3_cna_a		N
cvss3_cna_basescore		5.3
cvss2_cna_av		N
cvss2_cna_ac		L
cvss2_cna_au		N
cvss2_cna_ci		P
cvss2_cna_ii		N
cvss2_cna_ai		N
cvss2_cna_basescore		5
cve_nvd_summary		A vulnerability classified as problematic has been found in Amcrest IP2M-841B, IP2M-841W, IPC-IP2M-841B, IPC-IP3M-943B, IPC-IP3M-943S, IPC-IP3M-HX2B and IPC-IPM-721S up to 20241211. This affects an unknown part of the file /web_caps/webCapsConfig of the component Web Interface. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!