CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS
Percentile
73.2%
A vulnerability has been found in TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5L(MM) and AVISION DVR AV108T and classified as problematic. This vulnerability affects unknown code of the file /queryDevInfo. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273262 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Vendor | Product | Version | CPE |
---|---|---|---|
tvt | dvr_firmware | - | cpe:2.3:o:tvt:dvr_firmware:-:*:*:*:*:*:*:* |
tvt | td-2104ts-cl | * | cpe:2.3:h:tvt:td-2104ts-cl:*:*:*:*:*:*:*:* |
tvt | td-2108ts-hp | * | cpe:2.3:h:tvt:td-2108ts-hp:*:*:*:*:*:*:*:* |
provision-isr | dvr_firmware | - | cpe:2.3:o:provision-isr:dvr_firmware:-:*:*:*:*:*:*:* |
provision-isr | sh-4050a5-5l\(mm\) | * | cpe:2.3:h:provision-isr:sh-4050a5-5l\(mm\):*:*:*:*:*:*:*:* |
artion-sec | dvr_firmware | - | cpe:2.3:o:artion-sec:dvr_firmware:-:*:*:*:*:*:*:* |
artion-sec | av108t | * | cpe:2.3:h:artion-sec:av108t:*:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS
Percentile
73.2%