CVE-2017-3184: CVE-2017-3184

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-3184

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC fail to properly restrict access to the factory reset page. An unauthenticated, remote attacker can exploit this vulnerability by directly accessing the http://x.x.x.x/setup/setup_maintain_firmware-default.html page. This will allow an attacker to perform a factory reset on the device, leading to a denial of service condition or the ability to make use of default credentials (CVE-2017-3186).

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

关键功能的认证机制缺失

Source: NVD (National Vulnerability Database)

Vulnerability Title

多款ACTi产品安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

ACTi I Series等都是ACTi公司的系列网络监控摄像机。使用A1D-500-V6.11.31-AC版本固件的多款ACTi产品存在安全漏洞，该漏洞源于程序没有正确的限制恢复出厂设置页面的访问权限。攻击者可通过直接访问http://x.x.x.x/setup/setup_maintain_firmware-default.html页面利用该漏洞将设备恢复出厂设置，导致拒绝服务。以下产品受到影响：ACTi I Series；ACTi E Series；ACTi D Series；ACTi B Ser

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
ACTi Corporation	ACTi D, B, I, and E series cameras	A1D-500-V6.11.31-AC	-

II. Public POCs for CVE-2017-3184

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2017-3184

Please Login to view more intelligence information

🔗 https://twitter.com/hack3rsca/status/839599437907386368x_refsource_MISC
🔗 https://twitter.com/Hfuhs/status/839252357221330944x_refsource_MISC
🔗 http://www.securityfocus.com/bid/96720/infovdb-entryx_refsource_BID
🔗 https://www.kb.cert.org/vuls/id/355151third-party-advisoryx_refsource_CERT-VN
https://nvd.nist.gov/vuln/detail/CVE-2017-3184

IV. Related Vulnerabilities

Same product: ACTi D, B, I, and E series cameras

Same vendor: ACTi Corporation

Same weakness: CWE-306

V. Comments for CVE-2017-3184

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2017-3184

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2017-3184

III. Intelligence Information for CVE-2017-3184

IV. Related Vulnerabilities

V. Comments for CVE-2017-3184

Leave a comment