CVE-2022-34138 - Insecure direct object references (IDOR) in the web server of Biltema IP and Baby Camera Software v1

CVE-2022-34138

Summary

Insecure direct object references (IDOR) in the web server of Biltema IP and Baby Camera Software v124 allows attackers to access sensitive information.

References

https://kth.diva-portal.org/smash/get/diva2:1729289/FULLTEXT01.pdf
https://docs.biltema.com/v2/documents/file/nb/6a9ff001-a0e0-48c4-a802-83e8b5a5e213

Vulnerable Configurations

cpe:2.3:o:biltema:baby_camera_firmware:124:*:*:*:*:*:*:*
cpe:2.3:o:biltema:baby_camera_firmware:124:*:*:*:*:*:*:*
cpe:2.3:h:biltema:baby_camera:-:*:*:*:*:*:*:*
cpe:2.3:h:biltema:baby_camera:-:*:*:*:*:*:*:*
cpe:2.3:o:biltema:ip_camera_firmware:124:*:*:*:*:*:*:*
cpe:2.3:o:biltema:ip_camera_firmware:124:*:*:*:*:*:*:*
cpe:2.3:h:biltema:ip_camera:-:*:*:*:*:*:*:*
cpe:2.3:h:biltema:ip_camera:-:*:*:*:*:*:*:*

CVSS

Base:	None
Impact:
Exploitability:

CWE

CWE-639

CAPEC

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

10-02-2023 - 01:22

Published

03-02-2023 - 15:15

Last modified

10-02-2023 - 01:22