CVE-2022-30620
8.2
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:H
Summary
On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: "1" to "0" privileges by changing the following cookie values from "is_admin", "showConfig". Administrative Privileges which allows changing various configuration in the camera.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Cellinx | Cellinx NVT - IP PTZ Camera | 3.2.1 < 3.2.0* | affected |
Weaknesses
- Privilege Escalation
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.