CyberSec.Space Logo
Back to CVE Browser

CVE-2018-5560

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0900%
EPSS Percentile35.44th
PublishedJan 31, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

A reliance on a static, hard-coded credential in the design of the cloud-based storage system of Practecol's Guardzilla All-In-One Video Security System allows an attacker to view the private data of all users of the Guardzilla device.

Affected Platforms (CPE)

πŸ’»
Guardzilla

Gz521w Firmware

All versions

References & Advisories

πŸ”— https://blog.rapid7.com/2018/12/27/r7-2018-52-guardzilla-iot-video-camera-hard-coded-credential-cve-2018-5560/
πŸ”— https://www.0dayallday.org/guardzilla-video-camera-hard-coded-aws-credentials/
πŸ”— https://blog.rapid7.com/2018/12/27/r7-2018-52-guardzilla-iot-video-camera-hard-coded-credential-cve-2018-5560/
πŸ”— https://www.0dayallday.org/guardzilla-video-camera-hard-coded-aws-credentials/

Related Vulnerabilities

CVE-2018-026810.0

A vulnerability in the container management subsystem of Cisco Digital Network Architecture (DNA) Center could allow an unauthenti...

CVE-2018-022210.0

A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to log in to an...

CVE-2018-261110.0

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Core Service...

CVE-2018-666710.0

Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 through 7.8.1.5 allows remo...