kienquoc102

2 exploits Active since Apr 2017

CVE-2018-9995 NOMISEC CRITICAL WORKING POC

TBK DVR4104 and DVR4216 - Unauthenticated Authentication Bypass via Cookie Header

TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.

4 stars

CVSS 9.8

View Code

CVE-2017-8225 NOMISEC CRITICAL WORKING POC

Wireless IP Camera (P2P) Firmware - Unauthenticated Credential Exposure via Empty Login Parameters

On Wireless IP Camera (P2P) WIFICAM devices, access to .ini files (containing credentials) is not correctly checked. An attacker can bypass authentication by providing an empty loginuse parameter and an empty loginpas parameter in the URI.

2 stars

CVSS 9.8

View Code