Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Certain Anpviz products allow unauthenticated users to download the running configuration of the device via a HTTP GET request to /ConfigFile.ini or /config.xml URIs. This configuration file contains usernames and encrypted passwords (encrypted with a hardcoded key common to all devices). This affects IPC-D250, IPC-D260, IPC-B850, IPC-D850, IPC-D350, IPC-D3150, IPC-D4250, IPC-D380, IPC-D880, IPC-D280, IPC-D3180, MC800N, YM500L, YM800N_N2, YMF50B, YM800SV2, YM500L8, and YM200E10 firmware v3.2.2.2 and lower and possibly more vendors/models of IP camera.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Anpviz产品 安全漏洞
Vulnerability Description
Anpviz IPC是Anpviz公司的一系列网络摄像机。 多款Anpviz产品存在安全漏洞,该漏洞源于允许未经身份验证的攻击者通过HTTP GET请求将设备的运行配置下载到/ConfigFile.ini或/config.xml URI。受影响的产品和版本:Anpviz IPC-D250, IPC-D260, IPC-B850 IPC-D850, IPC-D350, IPC-D3150, IPC-D4250, IPC-D380, IPC-D880, IPC-D280, IPC-D3180, MC800N,
CVSS Information
N/A
Vulnerability Type
N/A