Details of VAR-190001-0488

ID

VAR-190001-0488

TITLE

Multiple IP Camera Products 'productmaker' Account Unauthorized Access Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2011-2332

DESCRIPTION

Trendnet TV-IP422W, iPUX ICS1033, Digicom IP CAMERA 100W are IP camera products. These products include an undocumented account \"productmaker\" that uses the default password, which allows an attacker to access the WEB or Telnet interface and command injection attacks. Multiple IP cameras are prone to an unauthorized access vulnerability. Successful exploits will allow a remote attacker to gain unauthorized access to the affected device

Trust: 0.81

sources: CNVD: CNVD-2011-2332 // BID: 48325

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2011-2332

AFFECTED PRODUCTS

vendor:	roberta	model:	palerai ipux ics1033	scope:	-	version:	-	Trust: 0.6
vendor:	roberta	model:	palerai trendnet tv-ip422w	scope:	-	version:	-	Trust: 0.6
vendor:	roberta	model:	palerai digicom ip camera 100w	scope:	-	version:	-	Trust: 0.6
vendor:	trendnet	model:	tv-ip422w	scope:	eq	version:	0	Trust: 0.3
vendor:	ipux	model:	ics1033	scope:	eq	version:	0	Trust: 0.3
vendor:	digicom	model:	ip camera 100w	scope:	-	version:	-	Trust: 0.3

sources: CNVD: CNVD-2011-2332 // BID: 48325

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201106-209

TYPE

Design Error

Trust: 0.9

sources: BID: 48325 // CNNVD: CNNVD-201106-209

EXTERNAL IDS

db:	BID	id:	48325	Trust: 1.5
db:	CNVD	id:	CNVD-2011-2332	Trust: 0.6
db:	CNNVD	id:	CNNVD-201106-209	Trust: 0.6

sources: CNVD: CNVD-2011-2332 // BID: 48325 // CNNVD: CNNVD-201106-209

REFERENCES

url:	http://archives.neohapsis.com/archives/bugtraq/2011-06/0064.html	Trust: 0.9
url:	http://www.securityfocus.com/bid/48325	Trust: 0.6

sources: CNVD: CNVD-2011-2332 // BID: 48325 // CNNVD: CNNVD-201106-209

CREDITS

Roberto Paleari

Trust: 0.9

sources: BID: 48325 // CNNVD: CNNVD-201106-209

SOURCES

db:	CNVD	id:	CNVD-2011-2332
db:	BID	id:	48325
db:	CNNVD	id:	CNNVD-201106-209

LAST UPDATE DATE

2022-05-17T02:06:56.050000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2011-2332	date:	2011-06-20T00:00:00
db:	BID	id:	48325	date:	2011-06-17T00:00:00
db:	CNNVD	id:	CNNVD-201106-209	date:	2011-06-21T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2011-2332	date:	2011-06-20T00:00:00
db:	BID	id:	48325	date:	2011-06-17T00:00:00
db:	CNNVD	id:	CNNVD-201106-209	date:	1900-01-01T00:00:00