CVE-2023-30146
HIGHAssmann HT-IP211HDP Firmware 2.000.022 - Unauthenticated Cleartext Storage of Sensitive Information
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2023-30146. PoCs published by L1-0.
AI-analyzed exploit summary This PoC exploits an information disclosure vulnerability in HooToo/Assmann webcams by querying multiple CGI endpoints to retrieve sensitive data such as user credentials, network configurations, and WiFi details. The script automates the extraction of this information without requiring authentication.
Description
Assmann Digitus Plug&View IP Camera HT-IP211HDP, version 2.000.022 allows unauthenticated attackers to download a copy of the camera's settings and the administrator credentials.
Exploits (1)
This PoC exploits an information disclosure vulnerability in HooToo/Assmann webcams by querying multiple CGI endpoints to retrieve sensitive data such as user credentials, network configurations, and WiFi details. The script automates the extraction of this information without requiring authentication.
References (2)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N