Remote Privilege Escalation in Network Camera Device via Manage Users Profile Services
CVE-2021-30167 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
The manage users profile services of the network camera device allows an authenticated. Remote attackers can modify URL parameters and further amend user’s information and escalate privileges to control the devices.
Learn more about our Network Penetration Testing.