CVE-2021-30169

EPSS 0.95%
Veröffentlicht 28.04.2021 10:15:08
Zuletzt bearbeitet 21.11.2024 06:03:26
Quelle twcert@cert.org.tw
CVE-Watchlists
Login
Unerledigt
Login

The sensitive information of webcam device is not properly protected. Remote attackers can unauthentically grant user’s credential.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 2 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Meritlilin ≫ P2r8852e2 Firmware Version < 7.1.94.8908

Meritlilin ≫ P2r8852e2 Version-

Meritlilin ≫ P2r8852e4 Firmware Version < 7.1.94.8908

Meritlilin ≫ P2r8852e4 Version-

Meritlilin ≫ P2r6852e2 Firmware Version < 7.1.94.8908

Meritlilin ≫ P2r6852e2 Version-

Meritlilin ≫ P2r6852e4 Firmware Version < 7.1.94.8908

Meritlilin ≫ P2r6852e4 Version-

Meritlilin ≫ P2r6552e2 Firmware Version < 7.1.94.8908

Meritlilin ≫ P2r6552e2 Version-

Meritlilin ≫ P2r6552e4 Firmware Version < 7.1.94.8908

Meritlilin ≫ P2r6552e4 Version-

Meritlilin ≫ P2r6352ae2 Firmware Version < 7.1.94.8908

Meritlilin ≫ P2r6352ae2 Version-

Meritlilin ≫ P2r6352ae4 Firmware Version < 7.1.94.8908

Meritlilin ≫ P2r6352ae4 Version-

Meritlilin ≫ P2r3052ae2 Firmware Version < 7.1.94.8908

Meritlilin ≫ P2r3052ae2 Version-

Meritlilin ≫ P2g1052 Firmware Version < 7.1.94.8908

Meritlilin ≫ P2g1052 Version-

Meritlilin ≫ P2r8822e2 Firmware Version < 7.1.94.8908

Meritlilin ≫ P2r8822e2 Version-

Meritlilin ≫ P2r8822e4 Firmware Version < 7.1.94.8908

Meritlilin ≫ P2r8822e4 Version-

Meritlilin ≫ P2r6822e2 Firmware Version < 7.1.94.8908

Meritlilin ≫ P2r6822e2 Version-

Meritlilin ≫ P2r6822e4 Firmware Version < 7.1.94.8908

Meritlilin ≫ P2r6822e4 Version-

Meritlilin ≫ P2r6522e2 Firmware Version < 7.1.94.8908

Meritlilin ≫ P2r6522e2 Version-

Meritlilin ≫ P2r6522e4 Firmware Version < 7.1.94.8908

Meritlilin ≫ P2r6522e4 Version-

Meritlilin ≫ P2r6322ae2 Firmware Version < 7.1.94.8908

Meritlilin ≫ P2r6322ae2 Version-

Meritlilin ≫ P2r6322ae4 Firmware Version < 7.1.94.8908

Meritlilin ≫ P2r6322ae4 Version-

Meritlilin ≫ P2r3022ae2 Firmware Version < 7.1.94.8908

Meritlilin ≫ P2r3022ae2 Version-

Meritlilin ≫ P2g1022 Firmware Version < 7.1.94.8908

Meritlilin ≫ P2g1022 Version-

Meritlilin ≫ P2g1022x Firmware Version < 7.1.94.8908

Meritlilin ≫ P2g1022x Version-

Meritlilin ≫ Z2r8852ax Firmware Version < 7.1.94.8908

Meritlilin ≫ Z2r8852ax Version-

Meritlilin ≫ Z2r8152x-p Firmware Version < 7.1.94.8908

Meritlilin ≫ Z2r8152x-p Version-

Meritlilin ≫ Z2r8152x2-p Firmware Version < 7.1.94.8908

Meritlilin ≫ Z2r8152x2-p Version-

Meritlilin ≫ Z2r8052ex25 Firmware Version < 7.1.94.8908

Meritlilin ≫ Z2r8052ex25 Version-

Meritlilin ≫ Z2r6552x Firmware Version < 7.1.94.8908

Meritlilin ≫ Z2r6552x Version-

Meritlilin ≫ Z2r6452ax Firmware Version < 7.1.94.8908

Meritlilin ≫ Z2r6452ax Version-

Meritlilin ≫ Z2r6452ax-p Firmware Version < 7.1.94.8908

Meritlilin ≫ Z2r6452ax-p Version-

Meritlilin ≫ Z2r8822ax Firmware Version < 7.1.94.8908

Meritlilin ≫ Z2r8822ax Version-

Meritlilin ≫ Z2r8122x-p Firmware Version < 7.1.94.8908

Meritlilin ≫ Z2r8122x-p Version-

Meritlilin ≫ Z2r8122x2-p Firmware Version < 7.1.94.8908

Meritlilin ≫ Z2r8122x2-p Version-

Meritlilin ≫ Z2r8022ex25 Firmware Version < 7.1.94.8908

Meritlilin ≫ Z2r8022ex25 Version-

Meritlilin ≫ Z2r6522x Firmware Version < 7.1.94.8908

Meritlilin ≫ Z2r6522x Version-

Meritlilin ≫ Z2r6422ax Firmware Version < 7.1.94.8908

Meritlilin ≫ Z2r6422ax Version-

Meritlilin ≫ Z2r6422ax-p Firmware Version < 7.1.94.8908

Meritlilin ≫ Z2r6422ax-p Version-

Meritlilin ≫ P3r6322e2 Firmware Version < 7.1.94.8908

Meritlilin ≫ P3r6322e2 Version-

Meritlilin ≫ P3r6522e2 Firmware Version < 7.1.94.8908

Meritlilin ≫ P3r6522e2 Version-

Meritlilin ≫ P3r8822e2 Firmware Version < 7.1.94.8908

Meritlilin ≫ P3r8822e2 Version-

Meritlilin ≫ Z3r6422x3 Firmware Version < 7.1.94.8908

Meritlilin ≫ Z3r6422x3 Version-

Meritlilin ≫ Z3r6522x Firmware Version < 7.1.94.8908

Meritlilin ≫ Z3r6522x Version-

Meritlilin ≫ Z3r8922x3 Firmware Version < 7.1.94.8908

Meritlilin ≫ Z3r8922x3 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.95%	0.758

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
twcert@cert.org.tw	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

CWE-522 Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e

Third Party Advisory

https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388

Third Party Advisory

https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdf

Vendor Advisory

https://www.twcert.org.tw/tw/cp-132-4679-d308c-1.html

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-30169

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-30169

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-30169

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2021-30169