Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Frigate Broken Access Control: Users assigned the viewer role can delete admin and other low-privileged accounts
Vulnerability Description
Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. In versions 0.16.2 and below, users with the viewer role can delete admin and low-privileged user accounts. Exploitation can lead to DoS and affect data integrity. This issue has been patched in version 0.16.3.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Vulnerability Type
授权机制不恰当
Vulnerability Title
Frigate 授权问题漏洞
Vulnerability Description
Frigate是Blake Blackshear个人开发者的一款专为具有 AI 对象检测功能的家庭助理设计的完整本地 NVR。 Frigate 0.16.2及之前版本存在授权问题漏洞,该漏洞源于viewer角色用户可以删除其他用户账户,可能导致拒绝服务和影响数据完整性。
CVSS Information
N/A
Vulnerability Type
N/A