cbcvebase.

Acti Camera Firmware vulnerabilities

3 known vulnerabilities affecting acti/camera_firmware.

Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3

Vulnerabilities

Page 1 of 1
CVE-2017-3186P2CRITICALCVSS 9.8va1d-500-v6.11.31-ac2017-12-16
CVE-2017-3186 [CRITICAL] CWE-521 CVE-2017-3186: ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC use non- ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC use non-random default credentials across all devices. A remote attacker can take complete control of a device using default admin credentials.
nvd
CVE-2017-3184P2CRITICALCVSS 9.8va1d-500-v6.11.31-ac2017-12-16
CVE-2017-3184 [CRITICAL] CWE-306 CVE-2017-3184: ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC fail to ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC fail to properly restrict access to the factory reset page. An unauthenticated, remote attacker can exploit this vulnerability by directly accessing the http://x.x.x.x/setup/setup_maintain_firmware-default.html page. This will allow an attacker to perform a fa
nvd
CVE-2017-3185P3CRITICALCVSS 9.8va1d-500-v6.11.31-ac2017-12-16
CVE-2017-3185 [CRITICAL] CWE-598 CVE-2017-3185: ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have a w ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have a web application that uses the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through the browser's history, referrers, web logs, and other sources.
nvd