Vulnerability Details : CVE-2019-12919
On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices, an attacker on the local network has unauthenticated access to the internal SD card via the HTTP service on port 8000. The HTTP web server on the camera allows anyone to view or download the video archive recorded and saved on the external memory card attached to the device.
Products affected by CVE-2019-12919
- cpe:2.3:o:cylan:clever_dog_smart_camera_panorama_dog-2w_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:cylan:clever_dog_smart_camera_plus_dog-2w-v4_firmware:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-12919
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 10 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-12919
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
3.9
|
2.9
|
NIST | |
5.5
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.8
|
3.6
|
NIST |
CWE ids for CVE-2019-12919
-
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-12919
-
https://www.exploit-db.com/exploits/46993
CleverDog Smart Camera DOG-2W / DOG-2W-V4 - Multiple VulnerabilitiesThird Party Advisory;VDB Entry
Jump to