Telnet Authentication Flaw in Cisco Video Surveillance Products
CVE-2007-4747

Currently unrated

Key Information:

Vendor: Cisco
Status: Video Surveillance Sp Isp Decoder Software; Video Surveillance Ip Gateway Encoder Decoder; Video Surveillance Sp Isp
Vendor: CVE Published:; 6 September 2007

Summary

The telnet service in specific versions of Cisco Video Surveillance products does not require authentication, allowing remote attackers to execute administrative actions without credentials. This vulnerability potentially exposes the system to significant security risks, enabling unauthorized access and manipulation of surveillance functions.

References

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

http://osvdb.org/37503

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/bid/25549

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Sep 6, 2007
Vulnerability Reserved
Sep 6, 2007