CVE-2024-8956CISA KEV: Actively Exploited

PTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerability

Published Nov 4, 2024·Updated Nov 4, 2024

Description

PTZOptics PT30X-SDI/NDI cameras contain an insecure direct object reference (IDOR) vulnerability that allows a remote, attacker to bypass authentication for the /cgi-bin/param.cgi CGI script. If combined with CVE-2024-8957, this can lead to remote code execution as root.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free