Vulnerability in Commax Co., Ltd. Cvd-axx Dvr
CVE-2021-47707
COMMAX CVD-Axx DVR 5.1.4 contains weak default administrative credentials that allow remote password attacks and disclose RTSP stream. Attackers can exploit this by sending a POST request with the 'passkey' parameter set to '1234', allowin…
EPSS: 0.003 (25.7th percentile) — read the EPSS interpretation.
Affected products
- Commax Co., Ltd. Cvd-axx Dvr — versions CVD-AH04 DVR 4.4.1
Weakness classification (CWE)
References
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (third-party-advisory)
- disclosure@vulncheck.com (third-party-advisory)