Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Audi Universal Traffic Recorder App FTP Credentials hard-coded password
Vulnerability Description
A vulnerability classified as problematic has been found in Audi Universal Traffic Recorder App 2.0. Affected is an unknown function of the component FTP Credentials. The manipulation leads to use of hard-coded password. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 2.89 and 2.90 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early about these issues and acted very professional. Version 2.89 is fixing this issue for new customers and 2.90 is going to fix it for existing customers.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
使用硬编码的口令
Vulnerability Title
Audi Universal Traffic Recorder App 安全漏洞
Vulnerability Description
Audi Universal Traffic Recorder App是德国奥迪(Audi)公司的一款行车记录仪专用 APP。用于连接行车记录仪,查看预览、锁定视频等操作。 Audi Universal Traffic Recorder App 2.0版本存在安全漏洞,该漏洞源于FTP Credentials组件使用硬编码密码,攻击需要在本地进行。
CVSS Information
N/A
Vulnerability Type
N/A