Vulnerability Description
Insecure direct object references (IDOR) in the web server of Biltema IP and Baby Camera Software v124 allows attackers to access sensitive information.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Biltema | Baby Camera Firmware | 124 |
| Biltema | Baby Camera | - |
| Biltema | Ip Camera Firmware | 124 |
| Biltema | Ip Camera | - |
Related Weaknesses (CWE)
References
- https://docs.biltema.com/v2/documents/file/nb/6a9ff001-a0e0-48c4-a802-83e8b5a5e2Vendor Advisory
- https://kth.diva-portal.org/smash/get/diva2:1729289/FULLTEXT01.pdfVendor Advisory
- https://docs.biltema.com/v2/documents/file/nb/6a9ff001-a0e0-48c4-a802-83e8b5a5e2Vendor Advisory
- https://kth.diva-portal.org/smash/get/diva2:1729289/FULLTEXT01.pdfVendor Advisory
FAQ
What is CVE-2022-34138?
CVE-2022-34138 is a vulnerability with a CVSS score of 7.5 (HIGH). Insecure direct object references (IDOR) in the web server of Biltema IP and Baby Camera Software v124 allows attackers to access sensitive information.
How severe is CVE-2022-34138?
CVE-2022-34138 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-34138?
Check the references section above for vendor advisories and patch information. Affected products include: Biltema Baby Camera Firmware, Biltema Baby Camera, Biltema Ip Camera Firmware, Biltema Ip Camera.