CVE-2018-12672

The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B) does not perform proper validation on user-supplied input and is vulnerable to cross-site scripting attacks. If proper authorization was implemented, this vulnerability could be leveraged to perform actions on behalf of another user or the administrator.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:sv3c:h.264_poe_ip_camera_firmware:v2.3.4.2103-s50-ntd-b20170508b:*:*:*:*:*:*:*
OR cpe:2.3:h:sv3c:sv-b01poe-1080p-l:-:*:*:*:*:*:*:*
cpe:2.3:h:sv3c:sv-b11vpoe-1080p-l:-:*:*:*:*:*:*:*
cpe:2.3:h:sv3c:sv-d02poe-1080p-l:-:*:*:*:*:*:*:*

Information

Published : 2018-10-19 15:29

Updated : 2019-01-11 08:23


NVD link : CVE-2018-12672

Mitre link : CVE-2018-12672


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

sv3c

  • sv-b01poe-1080p-l
  • sv-d02poe-1080p-l
  • h.264_poe_ip_camera_firmware
  • sv-b11vpoe-1080p-l