Remote Privilege Escalation in Network Camera Device via Manage Users Profile Services

Remote Privilege Escalation in Network Camera Device via Manage Users Profile Services

CVE-2021-30167 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

The manage users profile services of the network camera device allows an authenticated. Remote attackers can modify URL parameters and further amend user’s information and escalate privileges to control the devices.

Learn more about our Network Penetration Testing.