PTZOptics NDI and SID Cameras /cgi-bin/param.cgi Insufficient Authentication

Go back

severity: critical
date: September 17, 2024
Affecting: PTZOptics PT30X-SDI before 6.3.40
PTZOptics PT30X-NDI-xx-G2 before 6.3.40
Other white-label AV equipment based on ValueHD Corporation PTZ Camera Firmware
CVE: CVE-2024-8956
CVE type: Improper Authorization
CVSS: 9.1
CVSS V3 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
References: Firmware Changelog
Credit: Konstantin Lazarev of GreyNoise