Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Longse NVR (Network Video Recorder) model NVR3608PGE2W, as well as products based on this device, are transmitting user's login and password to a remote control service without using any encryption. This enables an on-path attacker to eavesdrop the credentials and subsequently obtain access to the video stream. The credentials are being sent when a user decides to change his password in router's portal.
CVSS Information
N/A
Vulnerability Type
敏感数据的明文传输
Vulnerability Title
Longse NVR 安全漏洞
Vulnerability Description
Longse NVR是中国长视科技(Longse)公司的一系列网络视频录像机。 Longse NVR存在安全漏洞,该漏洞源于将用户的登录名和密码传输到远程控制服务,无需使用任何加密,使攻击者能够窃听凭据并获得对视频流的访问权限。
CVSS Information
N/A
Vulnerability Type
N/A