CVE Published: 28/04/2021 |
CVE Updated: 17/09/2024 |
CVE Year: 2021 Source: twcert |
Vendor: MERIT LILIN ENT.CO.,LTD. |
Product: P2/Z2/P3/Z3 IP camera firmware Status : PUBLISHED
CVE-2021-30167 Description
The manage users profile services of the network camera device allows an authenticated. Remote attackers can modify URL parameters and further amend user’s information and escalate privileges to control the devices.
Metrics
CVSS Version: 3.1 |
Base Score: 9.8 CRITICAL Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H