Arbitrary Account Reset Vulnerability in SV3C L-SERIES HD Camera
CVE-2018-12669 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow remote authenticated users to reset arbitrary accounts via a request to web/cgi-bin/hi3510/param.cgi.
Learn more about our Web App Pen Testing.