Videoflow digital video protection (dvp) 2.10 hardcoded credentials Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2018-04-02 |
Type : webapps |
Platform : hardware
This exploit / vulnerability Videoflow digital video protection (dvp) 2.10 hardcoded credentials is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
VideoFlow Digital Video Protection DVP 10 Authenticated Root Remote Code Execution
System = Indicate if the DVP is configured as Protector, Sentinel or Fortress
Version = The Operating System SW version number
Image version = Production Image version
Summary: VideoFlow's Digital Video Protection (DVP) product is used by
leading companies worldwide to boost the reliability of IP networks, including
the public Internet, for professional live broadcast. DVP enables broadcast
companies to confidently contribute and distribute live video over IP with
unprecedented levels of service continuity, at a fraction of the cost of
leased lines or satellite links. It accelerates ROI by reducing operational
costs and enabling new revenue streams across a wide variety of markets.
Desc: The affected device suffers from authenticated remote code execution
vulnerability. Including a CSRF, a remote attacker can exploit this issue
and execute arbitrary system commands granting her system access with root
privileges.