Cisco Small Business Video Surveillance Cameras & 4-Port Router Authentication Bypass Vulnerability
BID:39612
Info
Cisco Small Business Video Surveillance Cameras & 4-Port Router Authentication Bypass Vulnerability
| Bugtraq ID: | 39612 |
| Class: | Access Validation Error |
| CVE: |
CVE-2010-0593 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 21 2010 12:00AM |
| Updated: | May 17 2010 06:12PM |
| Credit: | Eljakim Schrijvers of Eljakim Information Technology bv |
| Vulnerable: |
Cisco Wireless-G PTZ Internet Video Camera WVC210 0 Cisco Wireless-G PTZ Internet Video Camera WVC200 1.1.1 .15 Cisco Wireless-G PTZ Internet Video Camera WVC200 0 Cisco Wireless-G Business Internet Video Camera WVC2300 0 Cisco RVS4000 4-port Gigabit Security Router 0 Cisco Business Internet Video Camera PVC2300 0 |
| Not Vulnerable: |
Cisco Wireless-G PTZ Internet Video Camera WVC210 1.1 .15 Cisco Wireless-G PTZ Internet Video Camera WVC200 1.2.2 .0 Cisco Wireless-G Business Internet Video Camera WVC2300 1.1.2 .6 Cisco RVS4000 4-port Gigabit Security Router 1.3.2 .0 Cisco Business Internet Video Camera PVC2300 1.1.2 .6 |
Discussion
Cisco Small Business Video Surveillance Cameras & 4-Port Router Authentication Bypass Vulnerability
Multiple Cisco Small Business Video Surveillance cameras and a 4-port Gigabit router are prone to a remote authentication-bypass vulnerability.
Successful exploits allow remote authenticated attackers to obtain other users' passwords and gain access to the vulnerable device. This will completely compromise an affected device.
This issue is being tracked by Cisco bug ID CSCte64726.
This issue affects the following devices:
PVC2300 Business Internet Video Camera
WVC200 Wireless-G PTZ Internet Video Camera
WVC210 Wireless-G PTZ Internet Video Camera
WVC2300 Wireless-G Business Internet Video Camera
RVS4000 4-port Gigabit Security Router
Multiple Cisco Small Business Video Surveillance cameras and a 4-port Gigabit router are prone to a remote authentication-bypass vulnerability.
Successful exploits allow remote authenticated attackers to obtain other users' passwords and gain access to the vulnerable device. This will completely compromise an affected device.
This issue is being tracked by Cisco bug ID CSCte64726.
This issue affects the following devices:
PVC2300 Business Internet Video Camera
WVC200 Wireless-G PTZ Internet Video Camera
WVC210 Wireless-G PTZ Internet Video Camera
WVC2300 Wireless-G Business Internet Video Camera
RVS4000 4-port Gigabit Security Router
Exploit / POC
Cisco Small Business Video Surveillance Cameras & 4-Port Router Authentication Bypass Vulnerability
Attackers can use readily available tools to exploit this issue.
Attackers can use readily available tools to exploit this issue.
Solution / Fix
Cisco Small Business Video Surveillance Cameras & 4-Port Router Authentication Bypass Vulnerability
Solution:
The vendor has released an advisory along with fixes. Please see the referenced advisory for details.
Solution:
The vendor has released an advisory along with fixes. Please see the referenced advisory for details.
References
Cisco Small Business Video Surveillance Cameras & 4-Port Router Authentication Bypass Vulnerability
References:
References:
- Cisco Homepage (Cisco)
- Cisco Security Advisory: Cisco Small Business Video Surveillance Cameras and Cis (Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Small Business Video Surveillance Cameras and Cis (Cisco)