Auth bypass in Commax Co., Ltd. Smart Home Ruvie Cctv Bridge Dvr Service
CVE-2021-47710
COMMAX Smart Home System is a smart IoT home solution that allows an unauthenticated attacker to disclose RTSP credentials in plain-text by exploiting the /overview.asp endpoint. Attackers can access sensitive information, including login…
Vulnerability class: Broken Authentication
EPSS: 0.003 (23.9th percentile) — read the EPSS interpretation.
Affected products
Weakness classification (CWE)
References
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (third-party-advisory)
- disclosure@vulncheck.com (third-party-advisory)