CVE-2018-5560

Summary

A reliance on a static, hard-coded credential in the design of the cloud-based storage system of Practecol's Guardzilla All-In-One Video Security System allows an attacker to view the private data of all users of the Guardzilla device.

Affected Software

VendorProductVersion RangeStatus
Practecol, LLCGuardzilla All-In-One Video Security System2018affected

Weaknesses

  • CWE-798: CWE-798
  • Use of Hard-coded Credentials

Workarounds

Users concerned with video privacy should disable the cloud storage functionality provided by the vendor.

ADP Enrichment

CVE Program Container

Additional References

References