First published: Tue Aug 06 2019(Updated: )
A CSRF issue was discovered in webparam?user&action=set¶m=add in HTTPD on MicroDigital N-series cameras with firmware through 6400.0.8.5 to create an admin account.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microdigital Mdc-n4090 Firmware | <=6400.0.8.5 | |
Microdigital Mdc-n4090 | ||
Microdigital Mdc-n4090w Firmware | <=6400.0.8.5 | |
Microdigital Mdc-n4090w | ||
Microdigital Mdc-n2190v Firmware | <=6400.0.8.5 | |
Microdigital Mdc-n2190v |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-14703 is a CSRF vulnerability discovered in the webparam?user&action=set¶m=add endpoint in HTTPD on MicroDigital N-series cameras with firmware through 6400.0.8.5, which allows an attacker to create an admin account.
The severity of CVE-2019-14703 is high with a CVSS score of 8.8.
CVE-2019-14703 affects MicroDigital N-series cameras with firmware through 6400.0.8.5 by allowing an attacker to create an admin account through the webparam?user&action=set¶m=add endpoint.
To fix CVE-2019-14703, users should update their MicroDigital N-series camera firmware to a version higher than 6400.0.8.5.
No, MicroDigital Mdc-n4090 and Mdc-n4090w cameras are not vulnerable to CVE-2019-14703.