Auth bypass in Planex Communications Inc. Cs-qp50f-ing2

CVE-2021-4468

PLANEX CS-QP50F-ING2 smart cameras expose a configuration backup interface over HTTP that does not require authentication. A remote, unauthenticated attacker can directly retrieve a compressed configuration backup file from the device. The…

Vulnerability class: Broken Authentication

EPSS: 0.006 (43.8th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References