CVE-2024-39220 Information
Jul 04, 2024
cve
Description
BAS-IP AV-01D AV-01MD AV-01MFD AV-01ED AV-01KD AV-01BD AV-01KBD AV-02D AV-02IDE AV-02IDR AV-02IPD AV-02FDE AV-02FDR AV-03D AV-03BD AV-04AFD AV-04ASD AV-04FD AV-04SD AV-05FD AV-05SD AA-07BD AA-07BDI BA-04BD BA-04MD BA-08BD BA-08MD BA-12BD BA-12MD CR-02BD before firmware v3.9.2 allows authenticated attackers to read SIP account passwords via a crafted GET request.
Reference
https://bas-ip.com/bsa-000001 https://github.com/DrieVlad/BAS-IP-vulnerabilities
Share on: