CVE-2018-5560

Guardzilla All-In-One Video Security System Hard-Coded Credential

CVSS 10 CRITICALEPSS 1.6%CWE-798

A reliance on a static, hard-coded credential in the design of the cloud-based storage system of Practecol's Guardzilla All-In-One Video Security System allows an attacker to view the private data of all users of the Guardzilla device.

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

Productos afectados

Practecol, LLC · Guardzilla All-In-One Video Security System

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://blog.rapid7.com/2018/12/27/r7-2018-52-guardzilla-iot-video-camera-hard-coded-credential-cve-2018-5560/https://www.0dayallday.org/guardzilla-video-camera-hard-coded-aws-credentials/