CVE-2018-17240 Information

Description

There is a memory dump vulnerability on Netwave IP camera devices at //proc/kcore that allows an unauthenticated attacker to exfiltrate sensitive information from the network configuration (e.g. username and password).

Reference

https://www.bbge.org/file/exploit.py https://github.com/BBge/CVE-2018-17240/blob/main/exploit.py https://github.com/BBge/CVE-2018-17240