CVE-2020-36925

CRITICAL

Arteco Web Client DVR/NVR - Auth Bypass

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-36925. PoCs published by LiquidWorm.

AI-analyzed exploit summary: This exploit performs a brute-force attack on the 'SessionId' cookie in Arteco Web Client DVR/NVR systems to bypass authentication and hijack valid sessions. It iterates through a range of possible session IDs and checks for a valid response to determine successful session hijacking.

Description

Arteco Web Client DVR/NVR contains a session hijacking vulnerability with insufficient session ID complexity that allows remote attackers to bypass authentication. Attackers can brute force session IDs within a specific numeric range to obtain valid sessions and access live camera streams without authorization.

Exploits (1)

exploitdb WORKING POC
by LiquidWorm · python · webapps · windows
https://www.exploit-db.com/exploits/49348

Classification: Working PoC 90%
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: Arteco Web Client DVR/NVR (version not specified)
No auth needed
Prerequisites: Network access to the target system · Knowledge of the target IP address
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026

References (8)

Core References
Product: https://www.arteco-global.com
Third Party Advisory: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5613.php
Third Party Advisory, VDB Entry: https://exchange.xforce.ibmcloud.com/vulnerabilities/193750
Third Party Advisory, VDB Entry: https://exchange.xforce.ibmcloud.com/vulnerabilities/194139
Exploit, Third Party Advisory: https://www.exploit-db.com/exploits/49348

Scores

CVSS v3 9.8
EPSS 0.0060
EPSS Percentile 43.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE CWE-331
Status published
Published Jan 06, 2026
Tracked Since Feb 18, 2026