CVE-2015-4464 Information

Description

Kguard Digital Video Recorder 104 108 v2 does not have any authorization or authentication between an ActiveX client and the application server.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

http://packetstormsecurity.com/files/132437/Kguard-Digital-Video-Recorder-Bypass-Issues.html http://www.securityfocus.com/archive/1/535822/100/0/threaded http://www.securityfocus.com/bid/73032 https://www.academia.edu/11677554/Kguard_Digital_Video_Recorders_Multiple_Vulnerabilities

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

9.8