← back
CVE-2024-35342

CVE-2024-35342

CVSS 4.6 MEDIUMEPSS 0.2%CWE-306
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.6EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
28 May 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Certain Anpviz products allow unauthenticated users to modify or disable camera related settings such as microphone volume, speaker volume, LED lighting, NTP, motion detection, etc. This affects IPC-D250, IPC-D260, IPC-B850, IPC-D850, IPC-D350, IPC-D3150, IPC-D4250, IPC-D380, IPC-D880, IPC-D280, IPC-D3180, MC800N, YM500L, YM800N_N2, YMF50B, YM800SV2, YM500L8, and YM200E10 firmware v3.2.2.2 and lower and possibly more vendors/models of IP camera.
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Affected products
n/a · n/a