CVE-2025-1739
Multiple vulnerabilities in Trivision Camera NC227WF
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.1EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
27 feb 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
An Authentication Bypass vulnerability has been found in Trivision Camera NC227WF v5.8.0 from TrivisionSecurity. This vulnerability allows an attacker to retrieve administrator's credentials in cleartext by sending a request against the server using curl with random credentials to "/en/player/activex_pal.asp" and successfully authenticating the application.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Productos afectados
Trivision · Camera NC227WF¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →