8.7
CVE-2024-58336
- EPSS 0.14%
- Veröffentlicht 30.12.2025 22:41:44
- Zuletzt bearbeitet 16.01.2026 19:16:15
- Quelle disclosure@vulncheck.com
- CVE-Watchlists
- Unerledigt
LoginAkuvox Smart Intercom S539 contains an unauthenticated vulnerability that allows remote attackers to access live video streams by requesting the video.cgi endpoint on port 8080. Attackers can retrieve video stream data without authentication by directly accessing the specified endpoint on affected Akuvox doorphone and intercom devices.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Akuvox ≫ S539 Firmware Version912.30.1.137
Akuvox ≫ S532 Firmware Version912.30.1.137
Akuvox ≫ X916 Firmware Version912.30.1.137
Akuvox ≫ X915 Firmware Version912.30.1.137
Akuvox ≫ X912 Firmware Version912.30.1.137
Akuvox ≫ R29 Firmware Version912.30.1.137
Akuvox ≫ R20k-2 Firmware Version912.30.1.137
Akuvox ≫ R20a-2 Firmware Version912.30.1.137
Akuvox ≫ C313w-2 Firmware Version912.30.1.137
Akuvox ≫ Ns-2 Firmware Version912.30.1.137
Akuvox ≫ Nc-2 Firmware Version912.30.1.137
Akuvox ≫ Nx-2 Firmware Version912.30.1.137
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.35 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| disclosure@vulncheck.com | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| disclosure@vulncheck.com | 8.7 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-306 Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.