Compro Technology IP Camera – ‘ mjpegStreamer.cgi’ Screenshot Disclosure

Exploit Database
46 阅读

作者： icekam

日期： 2021-09-02
类别：
- webapps
平台：
- hardware
来源：https://www.exploit-db.com/exploits/50254/

# Exploit Title: Compro Technology IP Camera - ' mjpegStreamer.cgi' Screenshot Disclosure
# Date: 2021-09-30
# Exploit Author: icekam,xiao13,Rainbow,tfsec
# Software Link: http://www.comprotech.com.hk/
# Version: Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, TN540
# CVE : CVE-2021-40382

There is an unauthorized access vulnerability, which can lead to
unauthorized access to camera video screenshots.

Payload:

/mjpegStreamer.cgi

please refer to:
https://github.com/icekam/0day/blob/main/Compro-Technology-Camera-has-multiple-vulnerabilities.md

last Exploits
Compro Technology IP Camera – ‘ mjpegStreamer.cgi’ Screenshot Disclosure的更多信息

Netgear Routers – Password Disclosure：
Joomla! Component com_jvideodirect – Directory Traversal：
Delux Same Day Delivery Script 1.0 – SQL Injection：
Contrexx ShopSystem 2.2 SP3 – Blind SQL Injection：
Creato Script – SQL Injection：
SPIP v4.2.0 – Remote Code Execution (Unauthenticated)：
WordPress Plugin Slideshow Gallery 1.4.6 – Arbitrary File Upload：
Dell EqualLogic Storage – Directory Traversal：