N/A

Cross-site request forgery (CSRF) vulnerability in the command/user.cgi in Sony SNC CH140, SNC CH180, SNC CH240, SNC CH280, SNC DH140, SNC DH140T, SNC DH180, SNC DH240, SNC DH240T, SNC DH280, and possibly other camera models allows remote attackers to hijack the authentication of administrators for requests that add users.

N/A

N/A

Sony CH和DH系列IP摄像头多个跨站请求伪造漏洞

Sony SNC CH140等都是日本索尼（Sony）公司的网络摄像机产品。 Sony网络摄像机中的command/user.cgi文件中存在跨站请求伪造漏洞。远程攻击者可利用该漏洞劫持添加用户请求的管理员身份认证。以下型号受到影响：SNC CH140，SNC CH180，SNC CH240，SNC CH280，SNC DH140，SNC DH140T，SNC DH180，SNC DH240，SNC DH240T，SNC DH280。

N/A

N/A