ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have a web application that uses the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through the browser's history, referrers, web logs, and other sources.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HActi Camera Firmware
OSActia1d-500-v6.11.31-ac
Related vulnerabilities
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC fail to properly r...
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC use non-random def...
ActiveMediaServer.exe in ACTi NVR3 Standard Server 3.0.12.42 allows remote unauthenticated attackers to trigge...
Buffer overflow in the nvUnifiedControl.AUnifiedControl.1 ActiveX control in nvUnifiedControl.dll 1.1.45.0 in ...
Multiple absolute path traversal vulnerabilities in the nvUtility.Utility.1 ActiveX control in nvUtility.dll 1...