Home
MEDIUM: 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:NDefault status
unaffected
1000-1000-1000-1000
affected
1000C-1000C-1000C-1000C
affected
1001-1000-1000-1000
affected
1001-1001-1000-1000
affected
1002-1000-1000-1000
affected
1002-1002-1000-1002
affected
1002D-1000D-1000D-1000D
affected
1003-1000-1000-1001
affected
1003-1001-1001-1000
affected
1003-1002-1001-1000
affected
1004-1000-1000-1000
affected
1004-1001-1001-1001
affected
1004-1003-1001-1002
affected
1004-1003-1002-1001
affected
1004A-1001A-1002A-1000A
affected
1005-1002-1001-1002
affected
1005-1003-1001-1002
affected
1005-1004-1002-1001
affected
1005A-1001A-1002A-1001A
affected
1005D-1001D-1002D-1001D
affected
1006-1002-1001-1002
affected
1006-1004-1003-1001
affected
1007-1001-1003-1001
affected
1007-1001-1004-1003
affected
1007-1002-1001-1003
affected
1007-1002-1003-1002
affected
1007-1004-1003-1001
affected
1008-1001-1003-1002
affected
1008-1004-1004-1001
affected
1008D-1003D-1004D-1002D
affected
1008J-1004J-1004J-1001J
affected
1009-1001-1004-1001
affected
1009-1002-1005-1003
affected
1009-1003-1005-1002
affected
1010-1001-1004-1001
affected
1010-1001-1004-1002
affected
1010-1003-1005-1002
affected
1010-1003-1006-1003
affected
1010-1003-1006-1004
affected
1010-1004-1007-1001
affected
1010J-1001J-1004J-1001J
affected
1010N-1003N-1005N-1002N
affected
1011-1001-1002A-1002
affected
1011-1001-1002D-1002
affected
1011-1001-1003-1002
affected
1011-1001-1004-1002
affected
1011-1001-1005-1002
affected
1011-1004-1005-1002
affected
1012-1001-1005-1002
affected
1012-1001-1005-1003
affected
1012-1001-1005PO-1002
affected
1012-1003-1007-1002
affected
1012-1003-1007-1004
affected
1013-1001-1005-1003
affected
1013-1002-1006-1002
affected
1013-1003-1008-1003
affected
1013-1004-1008-1004
affected
1013-1005-1005-1002
affected
1013-1005-1007-1002
affected
1013K-1005K-1007PO-1002K
affected
1014-1002-1006-1002
affected
1014-1002-1006-1003
affected
1014-1003-1008-1003
affected
1014-1005-1008-1002
affected
1014B-1002B-1006B-1002B
affected
1015-1001-1006-1003
affected
1015-1002-1006-1003
affected
1015-1002-1007-1002
affected
1015-1003-1008-1003
affected
1015-1005-1009-1004
affected
1015-1006-1004-1002
affected
1015-1006-1005-1002
affected
1015-1006-1008-1002
affected
1015C-1004C-1003C-1005C
affected
1015K-1006K-1008PO-1002K
affected
1016-1002-1007-1002
affected
1016-1006-1013-1002
affected
1016-1007-1009-1003
affected
1016-1007-1011-1003
affected
1017-1002-1007-1003
affected
1017-1003-1007-1003
affected
1017-1003-1009-1003
affected
1017-1005-1004-1005
affected
1017-1006-1013-1002
affected
1017-1013-1014-1005
affected
1018-1003-1005-1004
affected
1018-1003-1008-1003
affected
1018-1003-1008-1004
affected
1018-1003-1008PO-1003
affected
1018-1004-1005-1005
affected
1018-1007-1009-1003
affected
1018-1012-1011-1010
affected
1019-1004-1006-1005
affected
1019-1007-1009-1003
affected
1020-1003-1008-1003
affected
1020-1003-1008-1004
affected
1020-1004-1007-1006
affected
1020-1007-1008-1003
affected
1020-1007-1009-1003
affected
1021-1003-1008-1003
affected
1021-1003-1008-1004
affected
1021-1005-1006-1005
affected
1021-1005-1008-1006
affected
1021-1006-1015-1002
affected
1021-1007-1010-1003
affected
1022-1005-1007-1005
affected
1022-1005-1009-1007
affected
1022-1006-1015-1002
affected
1022-1013-1014-1010
affected
1022-1014-1016-1002-FFFF
affected
1022Y-1014Y-1016Y-1002Y-FFFF
affected
1023-1005-1008-1006
affected
1023-1007-1016-1003
affected
1024-1019-1019-1007
affected
1025-1006-1010-1007
affected
1025-1017-1017-1011
affected
1027-1007-1019-1003
affected
1027-1021-1021-1008
affected
1028-1021-1022-1008
affected
1031-1007-1022-1003
affected
1032-1022-1024-1008
affected
1033-1018-1021-1012
affected
1035-1005-1005-1004
affected
1035-1005-1005-1005
affected
1035-1005-1005-1005P
affected
1035-1007-1024-1003
affected
1035-1024-1025-1008
affected
1036-1005-1006-1005
affected
1036-1007-1024-1003
affected
1036-1014-1016-1016
affected
1037-1024-1027-1008
affected
1037-1025-1027-1008
affected
1038-1021-1024-1012
affected
1038-1021-1024-1012-A5
affected
1038-1025-1028-1008
affected
1039-1005-1008-1004
affected
1039-1005-1008-1005
affected
1039-1014-1017-1016
affected
1039D-1014D-1017D-1016D
affected
1040-1026-1029-1008
affected
1041-1005-1009-1005
affected
1042-1026-1030-1008
affected
1044-1026-1030-1008
affected
1044-1026-1031-1008
affected
1045-1015-1020-1018
affected
1046-1027-1032-1008
affected
1047-1027-1031-1008
affected
1049-1027-1033-1008
affected
1050-1027-1034-1008
affected
1050-1027-1036-1008
affected
1051-1027-1035-1008
affected
1051CZ-1028-1037-1008
affected
1052-1027-1034-1008
affected
1052-1028-1038-1008
affected
1052A-1028-1038A-1008
affected
1054-1027-1036-1008
affected
1054-1028-1036-1008
affected
1055-1028-1036-1008
affected
1056-1028-1037-1008
affected
1058-1028-1039-1008
affected
1062-1028-1041-1008
affected
1065-1029-1043-1008
affected
1068-1029-1043-1008
affected
1069-1029-1043-1008
affected
1071-1029-1044-1008
affected
1077-1017-1035-1007
affected
1077-1017-1035-1007-A6
affected
1077-1017-1035-1007-D4
affected
1077-1017-1035-1007-D705FF
affected
1078-1017-1036-1007
affected
1078-1017-1036-1007-A6
affected
1078-1017-1036-1007-D707FF
affected
1079-1017-1037-1007
affected
1079-1017-1037-1007-D4
affected
1W77-1W17-1W35-1W07-A6
affected
A077-1017-A035-1007
affected
A077-1017-A035-1007-A6
affected
A1035-1024-A1025-1008
affected
A1038-1025-A1028-1008-D4
affected
S681-S681-S681-S681
affected
S749-S749-S749-S749
affected
S818-S818-S818-S818
affected
S820-S820-S820-S820
affected
S823-S823-S823-S823
affected
S914V-S914V-S914V-S914V
affected
S984-S984-S984-S984
affected
Description
An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr() function is used to identify ".cab" requests, allowing any URL containing ".cab" to bypass authentication and access protected endpoints.
Problem types
CWE-290 Authentication Bypass by Spoofing
Product status
1000-1000-1000-1000
1000C-1000C-1000C-1000C
1001-1000-1000-1000
1001-1001-1000-1000
1002-1000-1000-1000
1002-1002-1000-1002
1002D-1000D-1000D-1000D
1003-1000-1000-1001
1003-1001-1001-1000
1003-1002-1001-1000
1004-1000-1000-1000
1004-1001-1001-1001
1004-1003-1001-1002
1004-1003-1002-1001
1004A-1001A-1002A-1000A
1005-1002-1001-1002
1005-1003-1001-1002
1005-1004-1002-1001
1005A-1001A-1002A-1001A
1005D-1001D-1002D-1001D
1006-1002-1001-1002
1006-1004-1003-1001
1007-1001-1003-1001
1007-1001-1004-1003
1007-1002-1001-1003
1007-1002-1003-1002
1007-1004-1003-1001
1008-1001-1003-1002
1008-1004-1004-1001
1008D-1003D-1004D-1002D
1008J-1004J-1004J-1001J
1009-1001-1004-1001
1009-1002-1005-1003
1009-1003-1005-1002
1010-1001-1004-1001
1010-1001-1004-1002
1010-1003-1005-1002
1010-1003-1006-1003
1010-1003-1006-1004
1010-1004-1007-1001
1010J-1001J-1004J-1001J
1010N-1003N-1005N-1002N
1011-1001-1002A-1002
1011-1001-1002D-1002
1011-1001-1003-1002
1011-1001-1004-1002
1011-1001-1005-1002
1011-1004-1005-1002
1012-1001-1005-1002
1012-1001-1005-1003
1012-1001-1005PO-1002
1012-1003-1007-1002
1012-1003-1007-1004
1013-1001-1005-1003
1013-1002-1006-1002
1013-1003-1008-1003
1013-1004-1008-1004
1013-1005-1005-1002
1013-1005-1007-1002
1013K-1005K-1007PO-1002K
1014-1002-1006-1002
1014-1002-1006-1003
1014-1003-1008-1003
1014-1005-1008-1002
1014B-1002B-1006B-1002B
1015-1001-1006-1003
1015-1002-1006-1003
1015-1002-1007-1002
1015-1003-1008-1003
1015-1005-1009-1004
1015-1006-1004-1002
1015-1006-1005-1002
1015-1006-1008-1002
1015C-1004C-1003C-1005C
1015K-1006K-1008PO-1002K
1016-1002-1007-1002
1016-1006-1013-1002
1016-1007-1009-1003
1016-1007-1011-1003
1017-1002-1007-1003
1017-1003-1007-1003
1017-1003-1009-1003
1017-1005-1004-1005
1017-1006-1013-1002
1017-1013-1014-1005
1018-1003-1005-1004
1018-1003-1008-1003
1018-1003-1008-1004
1018-1003-1008PO-1003
1018-1004-1005-1005
1018-1007-1009-1003
1018-1012-1011-1010
1019-1004-1006-1005
1019-1007-1009-1003
1020-1003-1008-1003
1020-1003-1008-1004
1020-1004-1007-1006
1020-1007-1008-1003
1020-1007-1009-1003
1021-1003-1008-1003
1021-1003-1008-1004
1021-1005-1006-1005
1021-1005-1008-1006
1021-1006-1015-1002
1021-1007-1010-1003
1022-1005-1007-1005
1022-1005-1009-1007
1022-1006-1015-1002
1022-1013-1014-1010
1022-1014-1016-1002-FFFF
1022Y-1014Y-1016Y-1002Y-FFFF
1023-1005-1008-1006
1023-1007-1016-1003
1024-1019-1019-1007
1025-1006-1010-1007
1025-1017-1017-1011
1027-1007-1019-1003
1027-1021-1021-1008
1028-1021-1022-1008
1031-1007-1022-1003
1032-1022-1024-1008
1033-1018-1021-1012
1035-1005-1005-1004
1035-1005-1005-1005
1035-1005-1005-1005P
1035-1007-1024-1003
1035-1024-1025-1008
1036-1005-1006-1005
1036-1007-1024-1003
1036-1014-1016-1016
1037-1024-1027-1008
1037-1025-1027-1008
1038-1021-1024-1012
1038-1021-1024-1012-A5
1038-1025-1028-1008
1039-1005-1008-1004
1039-1005-1008-1005
1039-1014-1017-1016
1039D-1014D-1017D-1016D
1040-1026-1029-1008
1041-1005-1009-1005
1042-1026-1030-1008
1044-1026-1030-1008
1044-1026-1031-1008
1045-1015-1020-1018
1046-1027-1032-1008
1047-1027-1031-1008
1049-1027-1033-1008
1050-1027-1034-1008
1050-1027-1036-1008
1051-1027-1035-1008
1051CZ-1028-1037-1008
1052-1027-1034-1008
1052-1028-1038-1008
1052A-1028-1038A-1008
1054-1027-1036-1008
1054-1028-1036-1008
1055-1028-1036-1008
1056-1028-1037-1008
1058-1028-1039-1008
1062-1028-1041-1008
1065-1029-1043-1008
1068-1029-1043-1008
1069-1029-1043-1008
1071-1029-1044-1008
1077-1017-1035-1007
1077-1017-1035-1007-A6
1077-1017-1035-1007-D4
1077-1017-1035-1007-D705FF
1078-1017-1036-1007
1078-1017-1036-1007-A6
1078-1017-1036-1007-D707FF
1079-1017-1037-1007
1079-1017-1037-1007-D4
1W77-1W17-1W35-1W07-A6
A077-1017-A035-1007
A077-1017-A035-1007-A6
A1035-1024-A1025-1008
A1038-1025-A1028-1008-D4
S681-S681-S681-S681
S749-S749-S749-S749
S818-S818-S818-S818
S820-S820-S820-S820
S823-S823-S823-S823
S914V-S914V-S914V-S914V
S984-S984-S984-S984
Credits
Gergely Eberhardt (SEARCH-LAB.hu)
References
www.exploit-db.com/exploits/40500
avtech.com/
web.archive.org/...6-AVTech-devices-multiple-vulnerabilities
web.archive.org/...1029201749/https://github.com/ebux/AVTECH
vulncheck.com/...ries/avtech-ipcamera-nvr-dvr-mulitple-vulns