Vulnerability Description
Kguard Digital Video Recorder 104, 108, v2 does not have any authorization or authentication between an ActiveX client and the application server.
CVSS Score
9.8
CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kguardsecurity | Kg-Sha104 Firmware | 2.0 |
| Kguardsecurity | Kg-Sha104 | - |
| Kguardsecurity | Kg-Sha108 Firmware | 2.0 |
| Kguardsecurity | Kg-Sha108 | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/132437/Kguard-Digital-Video-Recorder-BypassExploitThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/archive/1/535822/100/0/threaded
- http://www.securityfocus.com/bid/73032Third Party AdvisoryVDB Entry
- https://www.academia.edu/11677554/Kguard_Digital_Video_Recorders_Multiple_VulnerExploitTechnical DescriptionThird Party Advisory
- http://packetstormsecurity.com/files/132437/Kguard-Digital-Video-Recorder-BypassExploitThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/archive/1/535822/100/0/threaded
- http://www.securityfocus.com/bid/73032Third Party AdvisoryVDB Entry
- https://www.academia.edu/11677554/Kguard_Digital_Video_Recorders_Multiple_VulnerExploitTechnical DescriptionThird Party Advisory
FAQ
What is CVE-2015-4464?
CVE-2015-4464 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Kguard Digital Video Recorder 104, 108, v2 does not have any authorization or authentication between an ActiveX client and the application server.
How severe is CVE-2015-4464?
CVE-2015-4464 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2015-4464?
Check the references section above for vendor advisories and patch information. Affected products include: Kguardsecurity Kg-Sha104 Firmware, Kguardsecurity Kg-Sha104, Kguardsecurity Kg-Sha108 Firmware, Kguardsecurity Kg-Sha108.