CVE-2015-8254
MEDIUMRSI Video Technologies Frontel Protocol < 2.0 - Unauthenticated Alarm Spoofing and Deactivation via MITM
Title source: llmDescription
The Frontel protocol before 3 on RSI Video Technologies Videofied devices does not use integrity protection, which makes it easier for man-in-the-middle attackers to (1) initiate a false alarm or (2) deactivate an alarm by modifying the client-server data stream.
References (2)
Core 2
Core References
Exploit x_refsource_misc
http://cybergibbons.com/alarms-2/multiple-serious-vulnerabilities-in-rsi-videofieds-alarm-protocol/
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
https://www.kb.cert.org/vuls/id/792004
Scores
CVSS v3
5.9
EPSS
0.0040
EPSS Percentile
31.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-345
Status
published
Products (1)
rsi_video_technologies/frontel_protocol
< 2.0
Published
Dec 27, 2015
Tracked Since
Feb 18, 2026