Keekoon KK002 IP Camera CSRF exploitation

This IP Camera is susceptible to CSRF at the following page:
/goform/formChnUserPwd

In the following parameters:
um_pwold, um_pwdnew, um_pwdcfm

The entire camera is vulnerable to CSRF, an example of another page is:
/goform/formUserMng

Eventually got round to getting a CVE number for it.

The CVE number allocated to this issue:

CVE-2017-6180

 

Advertisement
Privacy Settings

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s