CVE-2015-4464

EUVD-2015-4484
Kguard Digital Video Recorder 104, 108, v2 does not have any authorization or authentication between an ActiveX client and the application server.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
Affected Products (NVD)
VendorProductVersion
kguardsecuritykg-sha104_firmware
2.0
kguardsecuritykg-sha108_firmware
2.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/132437/Kguard-Digital-Video-Recorder-Bypass-Issues.html
http://www.securityfocus.com/archive/1/535822/100/0/threaded
http://www.securityfocus.com/bid/73032
https://www.academia.edu/11677554/Kguard_Digital_Video_Recorders_Multiple_Vulnerabilities
http://packetstormsecurity.com/files/132437/Kguard-Digital-Video-Recorder-Bypass-Issues.html
http://www.securityfocus.com/archive/1/535822/100/0/threaded
http://www.securityfocus.com/bid/73032
https://www.academia.edu/11677554/Kguard_Digital_Video_Recorders_Multiple_Vulnerabilities