CVE-2022-30620

Summary

On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: "1" to "0" privileges by changing the following cookie values from "is_admin", "showConfig". Administrative Privileges which allows changing various configuration in the camera.

Affected Software

VendorProductVersion RangeStatus
CellinxCellinx NVT - IP PTZ Camera3.2.1 < 3.2.0*affected

Weaknesses

  • Privilege Escalation

ADP Enrichment

CVE Program Container

Additional References

References