CVE-2010-4233 - The Linux installation on the Camtron CMNC-200 Full HD IP Camera and TecVoz CMNC-200 Megapixel IP Ca

CVE-2010-4233

Summary

The Linux installation on the Camtron CMNC-200 Full HD IP Camera and TecVoz CMNC-200 Megapixel IP Camera with firmware 1.102A-008 has a default password of m for the root account, and a default password of merlin for the mg3500 account, which makes it easier for remote attackers to obtain access via the TELNET interface.

References

Vulnerable Configurations

cpe:2.3:a:camtron:cmnc-200_firmware:1.102a-008:*:*:*:*:*:*:*
cpe:2.3:a:camtron:cmnc-200_firmware:1.102a-008:*:*:*:*:*:*:*
cpe:2.3:h:camtron:cmnc-200:*:*:*:*:*:*:*:*
cpe:2.3:h:camtron:cmnc-200:*:*:*:*:*:*:*:*
cpe:2.3:a:tecvoz:cmnc-200_firmware:1.102a-008:*:*:*:*:*:*:*
cpe:2.3:a:tecvoz:cmnc-200_firmware:1.102a-008:*:*:*:*:*:*:*
cpe:2.3:h:tecvoz:cmnc-200:*:*:*:*:*:*:*:*
cpe:2.3:h:tecvoz:cmnc-200:*:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 10-10-2018 - 20:07)
Impact:
Exploitability:

CWE

CWE-255

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bugtraq	20101112 TWSL2010-006: Multiple Vulnerabilities in Camtron CMNC-200 IP Camera
exploit-db	15507
misc	https://www.trustwave.com/spiderlabs/advisories/TWSL2010-006.txt

Last major update

10-10-2018 - 20:07

Published

17-11-2010 - 01:00

Last modified

10-10-2018 - 20:07