Authentication Bypass in GeoVision Digital Video Surveillance System
CVE-2005-1552

Currently unrated

Key Information:

Vendor

Geovision

Status
Digital Surveillance System
Vendor
CVE Published:
14 May 2005

What is CVE-2005-1552?

The GeoVision Digital Video Surveillance System, versions 6.04, 6.1, and 7.0, has a flaw in its image creation feature that fails to properly secure JPEG images. Even when users configure a username and password, these images can be accessed directly by remote attackers. This vulnerability allows unauthorized parties to potentially gather sensitive information displayed in the images, creating serious privacy and security risks.

References

http://www.osvdb.org/16340
vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/15330
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/13571
vdb-entryx_refsource_BID

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.