CVE-2020-11681

HIGH

Castel Nextgen Dvr Firmware - Insufficiently Protected Credentials

Title source: rule

Description

Castel NextGen DVR v1.0.0 stores and displays credentials for the associated SMTP server in cleartext. Low privileged users can exploit this to create an administrator user and obtain the SMTP credentials.

References (3)

[Third Party Advisory] http://packetstormsecurity.com/files/157954/Castel-NextGen-DVR-1.0.0-Bypass-CSRF-Disclosure.html

[Mailing List, Third Party Advisory] http://seclists.org/fulldisclosure/2020/Jun/8

[Third Party Advisory] https://www.securitymetrics.com/blog/attackers-known-unknown-authorization-bypass

Scores

CVSS v3 8.1

EPSS 0.0026

EPSS Percentile 48.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Classification

CWE

CWE-522

Status published

Affected Products (1)

castel/nextgen_dvr_firmware

Timeline

Published Jun 04, 2020

Tracked Since Feb 18, 2026