Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ThroughTek P2P SDK - Cleartext Transmission of Sensitive Information
Vulnerability Description
The affected ThroughTek P2P products (SDKs using versions before 3.1.5, any versions with nossl tag, device firmware not using AuthKey for IOTC conneciton, firmware using AVAPI module without enabling DTLS mechanism, and firmware using P2PTunnel or RDT module) do not sufficiently protect data transferred between the local device and ThroughTek servers. This can allow an attacker to access sensitive information, such as camera feeds.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
敏感数据的明文传输
Vulnerability Title
ThroughTek P2P SDK 信息泄露漏洞
Vulnerability Description
throughtek ThroughTek P2P SDK是中国通泰科技(throughtek)公司的应用软件用于视频监控产品和大型“音视频”文件的传输。 ThroughTek P2P SDK存在信息泄露漏洞,该漏洞源于ThroughTek本地设备与ThroughTek 服务器之间传输数据时发生信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A