Skip to content

Commit

Permalink
1 changes (1 new | 0 updated):
Browse files Browse the repository at this point in the history 
      - 1 new CVEs:  CVE-2024-13131
      - 0 updated CVEs:
  • Loading branch information
cvelistV5 Github Action committed Jan 5, 2025
1 parent b1dd148 commit 9701292
Show file tree
Hide file tree
Showing 3 changed files with 215 additions and 33 deletions.
196 changes: 196 additions & 0 deletions cves/2024/13xxx/CVE-2024-13131.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,196 @@
{
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"cveMetadata": {
"cveId": "CVE-2024-13131",
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"state": "PUBLISHED",
"assignerShortName": "VulDB",
"dateReserved": "2025-01-04T09:11:22.615Z",
"datePublished": "2025-01-05T03:00:14.594Z",
"dateUpdated": "2025-01-05T03:00:14.594Z"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB",
"dateUpdated": "2025-01-05T03:00:14.594Z"
},
"title": "Dahua IPC-HFW1200S Web Interface webCapsConfig information disclosure",
"problemTypes": [
{
"descriptions": [
{
"type": "CWE",
"cweId": "CWE-200",
"lang": "en",
"description": "Information Disclosure"
}
]
},
{
"descriptions": [
{
"type": "CWE",
"cweId": "CWE-284",
"lang": "en",
"description": "Improper Access Controls"
}
]
}
],
"affected": [
{
"vendor": "Dahua",
"product": "IPC-HFW1200S",
"versions": [
{
"version": "20241222",
"status": "affected"
}
],
"modules": [
"Web Interface"
]
},
{
"vendor": "Dahua",
"product": "IPC-HFW2300R-Z",
"versions": [
{
"version": "20241222",
"status": "affected"
}
],
"modules": [
"Web Interface"
]
},
{
"vendor": "Dahua",
"product": "IPC-HFW5220E-Z",
"versions": [
{
"version": "20241222",
"status": "affected"
}
],
"modules": [
"Web Interface"
]
},
{
"vendor": "Dahua",
"product": "IPC-HDW1200S",
"versions": [
{
"version": "20241222",
"status": "affected"
}
],
"modules": [
"Web Interface"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S up to 20241222. This affects an unknown part of the file /web_caps/webCapsConfig of the component Web Interface. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S bis 20241222 entdeckt. Sie wurde als problematisch eingestuft. Es betrifft eine unbekannte Funktion der Datei /web_caps/webCapsConfig der Komponente Web Interface. Durch die Manipulation mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung."
}
],
"metrics": [
{
"cvssV4_0": {
"version": "4.0",
"baseScore": 6.9,
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"baseSeverity": "MEDIUM"
}
},
{
"cvssV3_1": {
"version": "3.1",
"baseScore": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "MEDIUM"
}
},
{
"cvssV3_0": {
"version": "3.0",
"baseScore": 5.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "MEDIUM"
}
},
{
"cvssV2_0": {
"version": "2.0",
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N"
}
}
],
"timeline": [
{
"time": "2025-01-04T00:00:00.000Z",
"lang": "en",
"value": "Advisory disclosed"
},
{
"time": "2025-01-04T01:00:00.000Z",
"lang": "en",
"value": "VulDB entry created"
},
{
"time": "2025-01-04T10:16:42.000Z",
"lang": "en",
"value": "VulDB entry last update"
}
],
"credits": [
{
"lang": "en",
"value": "netsecfish (VulDB User)",
"type": "reporter"
}
],
"references": [
{
"url": "https://vuldb.com/?id.290205",
"name": "VDB-290205 | Dahua IPC-HFW1200S Web Interface webCapsConfig information disclosure",
"tags": [
"vdb-entry"
]
},
{
"url": "https://vuldb.com/?ctiid.290205",
"name": "VDB-290205 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
]
},
{
"url": "https://vuldb.com/?submit.464258",
"name": "Submit #464258 | IntelBras VIP S3020 G2, VIP S4020 G2, VIP S4320 G2, VIP S4020 G3, IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z, IPC-HDW1200S N/A Information Disclosure",
"tags": [
"third-party-advisory"
]
},
{
"url": "https://netsecfish.notion.site/IntelBras-IP-Camera-Information-Disclosure-15e6b683e67c80a89f89daf59daa9ea8?pvs=73",
"tags": [
"exploit"
]
}
]
}
}
}
10 changes: 5 additions & 5 deletions cves/delta.json
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
{
"fetchTime": "2025-01-05T01:03:06.970Z",
"fetchTime": "2025-01-05T03:01:48.338Z",
"numberOfChanges": 1,
"new": [
{
"cveId": "CVE-2024-13130",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-13130",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/13xxx/CVE-2024-13130.json",
"dateUpdated": "2025-01-05T01:00:12.751Z"
"cveId": "CVE-2024-13131",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-13131",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/13xxx/CVE-2024-13131.json",
"dateUpdated": "2025-01-05T03:00:14.594Z"
}
],
"updated": [],
Expand Down
42 changes: 14 additions & 28 deletions cves/deltaLog.json
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,18 @@
[
{
"fetchTime": "2025-01-05T03:01:48.338Z",
"numberOfChanges": 1,
"new": [
{
"cveId": "CVE-2024-13131",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-13131",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/13xxx/CVE-2024-13131.json",
"dateUpdated": "2025-01-05T03:00:14.594Z"
}
],
"updated": [],
"error": []
},
{
"fetchTime": "2025-01-05T01:03:06.970Z",
"numberOfChanges": 1,
Expand Down Expand Up @@ -119101,33 +119115,5 @@
],
"updated": [],
"error": []
},
{
"fetchTime": "2024-12-06T02:13:35.591Z",
"numberOfChanges": 1,
"new": [
{
"cveId": "CVE-2024-11149",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-11149",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/11xxx/CVE-2024-11149.json",
"dateUpdated": "2024-12-06T01:56:12.697Z"
}
],
"updated": [],
"error": []
},
{
"fetchTime": "2024-12-06T01:34:52.571Z",
"numberOfChanges": 1,
"new": [
{
"cveId": "CVE-2024-49041",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-49041",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/49xxx/CVE-2024-49041.json",
"dateUpdated": "2024-12-06T01:09:11.856Z"
}
],
"updated": [],
"error": []
}
]

0 comments on commit 9701292

Please sign in to comment.