Lucene search

MitreCVE-2018-17559

HistoryOct 26, 2023 - 10:15 p.m.

CVE-2018-17559

2023-10-2622:15:08

CWE-59

CWE-284

mitre

web.nvd.nist.gov

cve-2018-17559

access control

unauthenticated

remote attackers

abus tvip

video stream

nvd

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.5

Confidence

High

EPSS

0.002

Percentile

53.2%

JSON

Due to incorrect access control, unauthenticated remote attackers can view the /video.mjpg video stream of certain ABUS TVIP cameras.

Affected configurations

Nvd

Node

abustvip_10000Match-

AND

abustvip_10000_firmwareMatch-

Node

abustvip_10001Match-

AND

abustvip_10001_firmwareMatch-

Node

abustvip_10005Match-

AND

abustvip_10005_firmwareMatch-

Node

abustvip_10005aMatch-

AND

abustvip_10005a_firmwareMatch-

Node

abustvip_10005bMatch-

AND

abustvip_10005b_firmwareMatch-

Node

abustvip_10050Match-

AND

abustvip_10050_firmwareMatch-

Node

abustvip_10051Match-

AND

abustvip_10051_firmwareMatch-

Node

abustvip_10055aMatch-

AND

abustvip_10055a_firmwareMatch-

Node

abustvip_10055bMatch-

AND

abustvip_10055b_firmwareMatch-

Node

abustvip_10500_firmwareMatch-

AND

abustvip_10500Match-

Node

abustvip_10550Match-

AND

abustvip_10550_firmwareMatch-

Node

abustvip_11000_firmwareMatch-

AND

abustvip_11000Match-

Node

abustvip_11050_firmwareMatch-

AND

abustvip_11050Match-

Node

abustvip_11500_firmwareMatch-

AND

abustvip_11500Match-

Node

abustvip_11501_firmwareMatch-

AND

abustvip_11501Match-

Node

abustvip_11502_firmwareMatch-

AND

abustvip_11502Match-

Node

abustvip_11550_firmwareMatch-

AND

abustvip_11550Match-

Node

abustvip_11551_firmwareMatch-

AND

abustvip_11551Match-

Node

abustvip_11552_firmwareMatch-

AND

abustvip_11552Match-

Node

abustvip_20000_firmwareMatch-

AND

abustvip_20000Match-

Node

abustvip_20050_firmwareMatch-

AND

abustvip_20050Match-

Node

abustvip_20500_firmwareMatch-

AND

abustvip_20500Match-

Node

abustvip_20550_firmwareMatch-

AND

abustvip_20550Match-

Node

abustvip_21000_firmwareMatch-

AND

abustvip_21000Match-

Node

abustvip_21050_firmwareMatch-

AND

abustvip_21050Match-

Node

abustvip_21500_firmwareMatch-

AND

abustvip_21500Match-

Node

abustvip_21501_firmwareMatch-

AND

abustvip_21501Match-

Node

abustvip_21502_firmwareMatch-

AND

abustvip_21502Match-

Node

abustvip_21550_firmwareMatch-

AND

abustvip_21550Match-

Node

abustvip_21551_firmwareMatch-

AND

abustvip_21551Match-

Node

abustvip_21552_firmwareMatch-

AND

abustvip_21552Match-

Node

abustvip_22500_firmwareMatch-

AND

abustvip_22500Match-

Node

abustvip_31000_firmwareMatch-

AND

abustvip_31000Match-

Node

abustvip_31001_firmwareMatch-

AND

abustvip_31001Match-

Node

abustvip_31050_firmwareMatch-

AND

abustvip_31050Match-

Node

abustvip_31500_firmwareMatch-

AND

abustvip_31500Match-

Node

abustvip_31501_firmwareMatch-

AND

abustvip_31501Match-

Node

abustvip_31550_firmwareMatch-

AND

abustvip_31550Match-

Node

abustvip_31551_firmwareMatch-

AND

abustvip_31551Match-

Node

abustvip_32500_firmwareMatch-

AND

abustvip_32500Match-

Node

abustvip_51500_firmwareMatch-

AND

abustvip_51500Match-

Node

abustvip_51550_firmwareMatch-

AND

abustvip_51550Match-

Node

abustvip_71500_firmwareMatch-

AND

abustvip_71500Match-

Node

abustvip_71501_firmwareMatch-

AND

abustvip_71501Match-

Node

abustvip_71550_firmwareMatch-

AND

abustvip_71550Match-

Node

abustvip_71551_firmwareMatch-

AND

abustvip_71551Match-

Node

abustvip_72500_firmwareMatch-

AND

abustvip_72500Match-

VendorProductVersionCPE
abustvip_10000-cpe:2.3:h:abus:tvip_10000:-:*:*:*:*:*:*:*
abustvip_10000_firmware-cpe:2.3:o:abus:tvip_10000_firmware:-:*:*:*:*:*:*:*
abustvip_10001-cpe:2.3:h:abus:tvip_10001:-:*:*:*:*:*:*:*
abustvip_10001_firmware-cpe:2.3:o:abus:tvip_10001_firmware:-:*:*:*:*:*:*:*
abustvip_10005-cpe:2.3:h:abus:tvip_10005:-:*:*:*:*:*:*:*
abustvip_10005_firmware-cpe:2.3:o:abus:tvip_10005_firmware:-:*:*:*:*:*:*:*
abustvip_10005a-cpe:2.3:h:abus:tvip_10005a:-:*:*:*:*:*:*:*
abustvip_10005a_firmware-cpe:2.3:o:abus:tvip_10005a_firmware:-:*:*:*:*:*:*:*
abustvip_10005b-cpe:2.3:h:abus:tvip_10005b:-:*:*:*:*:*:*:*
abustvip_10005b_firmware-cpe:2.3:o:abus:tvip_10005b_firmware:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
abus	tvip_10000	-	cpe:2.3:h:abus:tvip_10000:-:::::::*
abus	tvip_10000_firmware	-	cpe:2.3:o:abus:tvip_10000_firmware:-:::::::*
abus	tvip_10001	-	cpe:2.3:h:abus:tvip_10001:-:::::::*
abus	tvip_10001_firmware	-	cpe:2.3:o:abus:tvip_10001_firmware:-:::::::*
abus	tvip_10005	-	cpe:2.3:h:abus:tvip_10005:-:::::::*
abus	tvip_10005_firmware	-	cpe:2.3:o:abus:tvip_10005_firmware:-:::::::*
abus	tvip_10005a	-	cpe:2.3:h:abus:tvip_10005a:-:::::::*
abus	tvip_10005a_firmware	-	cpe:2.3:o:abus:tvip_10005a_firmware:-:::::::*
abus	tvip_10005b	-	cpe:2.3:h:abus:tvip_10005b:-:::::::*
abus	tvip_10005b_firmware	-	cpe:2.3:o:abus:tvip_10005b_firmware:-:::::::*

Rows per page:

1-10 of 941

References

sec.maride.cc/posts/abus/#cve-2018-17559

www.ccc.de/en/updates/2019/update-nicht-verfugbar-hersteller-nicht-zu-erreichen

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.5

Confidence

High

EPSS

0.002

Percentile

53.2%

JSON

Related for CVE-2018-17559