216.73.216.86

CVE-2024-35343

· Published 28/05/2024 17:15 · Modified 28/05/2024 17:15

Labels: CVE-2024-35343 2024-05-28CVE-2024-35343[email protected]

Essential information

Published
28/05/2024 17:15
Modified
28/05/2024 17:15
Author
Creator
CISA KEV
No
CWE

Description

Certain Anpviz products allow unauthenticated users to download arbitrary files from the device's filesystem via a HTTP GET request to the /playback/ URI. This affects IPC-D250, IPC-D260, IPC-B850, IPC-D850, IPC-D350, IPC-D3150, IPC-D4250, IPC-D380, IPC-D880, IPC-D280, IPC-D3180, MC800N, YM500L, YM800N_N2, YMF50B, YM800SV2, YM500L8, and YM200E10 (IP Cameras) firmware v3.2.2.2 and lower and possibly more vendors/models of IP camera.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References