Arbitrary Account Reset Vulnerability in SV3C L-SERIES HD Camera

Arbitrary Account Reset Vulnerability in SV3C L-SERIES HD Camera

CVE-2018-12669 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow remote authenticated users to reset arbitrary accounts via a request to web/cgi-bin/hi3510/param.cgi.

Learn more about our Web App Pen Testing.