CVE-2021-40378

HIGH

Compro - Info Disclosure

Title source: llm

Description

An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. /cgi-bin/support/killps.cgi deletes all data from the device.

Exploits (1)

exploitdb WORKING POC

by icekam · textwebappshardware

https://www.exploit-db.com/exploits/50250

View Code ZIP pw:eip

References (2)

[Broken Link] https://github.com/icekam/0day/blob/main/Compro-Technology-Camera-has-multiple-vulnerabilities.md

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/164024/Compro-Technology-IP-Camera-Denial-Of-Service.html

Scores

CVSS v3 8.1

EPSS 0.4061

EPSS Percentile 97.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Details

CWE

CWE-862

Status published

Products (4)

comprotech/ip570_firmware 2.08_7130520

comprotech/ip60_firmware

comprotech/ip70_firmware 2.08_7130218

comprotech/tn540_firmware

Published Sep 01, 2021

Tracked Since Feb 18, 2026