Client-side enforcement vulnerability in Cohu 3960HD camera allows for option manipulation and code execution
CVE-2017-8864 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
Client-side enforcement using JavaScript of server-side security options on the Cohu 3960HD allows an attacker to manipulate options sent to the camera and cause malfunction or code execution, as demonstrated by a client-side "if (!passwordsAreEqual())" test.
Learn more about our Cis Benchmark Audit For Server Software.