CVE-2020-11625
published 2020-07-23CVE-2020-11625: An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera…
PriorityP278medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
ITWVulnCheck KEV
Exploited in the wild
EPSS
1.42%
69.4th percentile
An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. Failed web UI login attempts elicit different responses depending on whether a user account exists. Because the responses indicate whether a submitted username is valid or not, they make it easier to identify legitimate usernames. If a login request is sent to ISAPI/Security/sessionLogin/capabilities using a username that exists, it will return the value of the salt given to that username, even if the password is incorrect. However, if a login request is sent using a username that is not present in the database, it will return an empty salt value. This allows attackers to enumerate legitimate usernames, facilitating brute-force attacks. NOTE: this is different from CVE-2020-7057.
Detection & IOCsextracted from sources · hover to see the quote
- ·The vulnerability affects AvertX IP camera models HD838 and 438IR (rebranded Hikvision cameras). AvertX has released a patch; detection should focus on unpatched devices still exposing the ISAPI endpoint. ↗
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
vulncheck5.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-m67c-r98h-r497: An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Cam
ghsa_unreviewed·2022-05-24·CVSS 5.3
CVE-2020-11625 [MEDIUM] GHSA-m67c-r98h-r497: An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Cam
An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. Failed web UI login attempts elicit different responses depending on whether a user account exists. Because the responses indicate whether a submitted username is valid or not, they make it easier to identify legitimate usernames. If a login request is sent to ISAPI/Security/sessionLogin/capabilities using a username that exists, it will return the value of the salt given to that username, even if the password is incorrect. However, if a login request is sent using a username that is not present in the database, it will return an empty salt value. This allows attackers to enumerate legitimate usernames, facilitating brute-force att
VulnCheck
avertx hd838_firmware Observable Discrepancy
vulncheck·2020·CVSS 5.3
CVE-2020-11625 [MEDIUM] avertx hd838_firmware Observable Discrepancy
avertx hd838_firmware Observable Discrepancy
An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. Failed web UI login attempts elicit different responses depending on whether a user account exists. Because the responses indicate whether a submitted username is valid or not, they make it easier to identify legitimate usernames. If a login request is sent to ISAPI/Security/sessionLogin/capabilities using a username that exists, it will return the value of the salt given to that username, even if the password is incorrect. However, if a login request is sent using a username that is not present in the database, it will return an empty salt value. This allows attackers to enumerate legi
No detection rules found.
No public exploits indexed.
Unit42
3 Vulnerabilities Found on AvertX IP Cameras
blogs_unit42·2020-07-17·CVSS 6.8
[MEDIUM] 3 Vulnerabilities Found on AvertX IP Cameras
## Executive Summary
On February 24, 2020, Palo Alto Networks Unit 42 researchers found vulnerabilities present in AvertX IP cameras running the latest firmware.
Three vulnerabilities were found in AvertX IP cameras with model number HD838 and 438IR, as confirmed by AvertX. These products are surveillance cameras intended to be used outdoors with infrared and object detection technology built-in. They also allow users to store the recordings in the cloud, in a network video recorder (NVR) and also create backups in an SD memory card.
The following are the three vulnerabilities we found:
- CVE-2020-11625: User enumeration
- CVE-2020-11624: Weak password requirements
- CVE-2020-11623: Exposed dangerous method or function
The detected vulnerabilities have the following impact:
- Attacke
Unit42
3 Vulnerabilities Found on AvertX IP Cameras
blogs_unit42·2020-07-17·CVSS 6.8
[MEDIUM] 3 Vulnerabilities Found on AvertX IP Cameras
Threat Research Center
Threat Research
Malware
## 3 Vulnerabilities Found on AvertX IP Cameras
Asher Davila
Published: July 17, 2020
Malware
Ransomware
Threat Research
Botnet
DDoS
Exploit kit
IoT
## Executive Summary
On February 24, 2020, Palo Alto Networks Unit 42 researchers found vulnerabilities present in AvertX IP cameras running the latest firmware.
Three vulnerabilities were found in AvertX IP cameras with model number HD838 and 438IR, as confirmed by AvertX. These products are surveillance cameras intended to be used outdoors with infrared and object detection technology built-in. They also allow users to store the recordings in the cloud, in a network video recorder (NVR) and also create backups in an SD memory card.
The following are the three vulnerabilities
2020-07-23
Published
Exploited in the wild