How severe is CVE-2022-38970?

CVE-2022-38970 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2022-38970

Name: realserver
Author: hipcam

6.5MEDIUM

ieGeek IG20 hipcam RealServer V1.0 is vulnerable to Incorrect Access Control. The algorithm used to generate device IDs (UIDs) for devices that utilize Shenzhen Yunni Technology iLnkP2P suffers from a

Veröffentlicht: 9/26/2022Aktualisiert: 5/21/2025

Beschreibung

ieGeek IG20 hipcam RealServer V1.0 is vulnerable to Incorrect Access Control. The algorithm used to generate device IDs (UIDs) for devices that utilize Shenzhen Yunni Technology iLnkP2P suffers from a predictability flaw that allows remote attackers to establish direct connections to arbitrary devices.

KI-AnalyseKI-gestützt

Betroffene Produkte

iegeekig20_firmware

iegeekig20

hipcamrealserver

1.0

Referenzen

https://www.realinfosec.net/cybersecurity-news/iegeek-vulnerabilities-still-prevalent-in-2022-amazon-ft-ig20/
ExploitTechnical DescriptionThird Party Advisory
https://www.realinfosec.net/cybersecurity-news/iegeek-vulnerabilities-still-prevalent-in-2022-amazon-ft-ig20/
ExploitTechnical DescriptionThird Party Advisory