CVE-2022-38970
6.5MEDIUMieGeek IG20 hipcam RealServer V1.0 is vulnerable to Incorrect Access Control. The algorithm used to generate device IDs (UIDs) for devices that utilize Shenzhen Yunni Technology iLnkP2P suffers from a
Опубликовано: 9/26/2022Обновлено: 5/21/2025
Описание
ieGeek IG20 hipcam RealServer V1.0 is vulnerable to Incorrect Access Control. The algorithm used to generate device IDs (UIDs) for devices that utilize Shenzhen Yunni Technology iLnkP2P suffers from a predictability flaw that allows remote attackers to establish direct connections to arbitrary devices.
ИИ-АнализНа базе ИИ
Затронутые продукты
iegeekig20_firmware
-
iegeekig20
-
hipcamrealserver
1.0
Ссылки
- https://www.realinfosec.net/cybersecurity-news/iegeek-vulnerabilities-still-prevalent-in-2022-amazon-ft-ig20/ExploitTechnical DescriptionThird Party Advisory
- https://www.realinfosec.net/cybersecurity-news/iegeek-vulnerabilities-still-prevalent-in-2022-amazon-ft-ig20/ExploitTechnical DescriptionThird Party Advisory