Unknown
CVE-2014-1900
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
Unknown
(0 users assessed)
Unknown
(0 users assessed)Unknown
Unknown
Unknown
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
Y-Cam camera models SD range YCB003, YCK003, and YCW003; S range YCB004, YCK004, YCW004; EyeBall YCEB03; Bullet VGA YCBL03 and YCBLB3; Bullet HD 720 YCBLHD5; Y-cam Classic Range YCB002, YCK002, and YCW003; and Y-cam Original Range YCB001, YCW001, running firmware 4.30 and earlier, allow remote attackers to bypass authentication and obtain sensitive information via a leading “/./” in a request to en/account/accedit.asp.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- ycb001 firmware 4.30,
- ycb002 firmware 4.30,
- ycb003 firmware 4.30,
- ycb004 firmware 4.30,
- ycbl03,
- ycbl03 firmware 4.30,
- ycblb3,
- ycblb3 firmware 4.30,
- ycblhd5 firmware 4.30,
- yceb03 firmware 4.30,
- yck002 firmware 4.30,
- yck003 firmware 4.30,
- yck004 firmware 4.30,
- ycw001 firmware 4.30,
- ycw002 firmware 4.30,
- ycw003 firmware 4.30,
- ycw004,
- ycw004 firmware 4.30
References
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
