cvedb.io
CVE-2017-17106
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2017-12-19T02:29:41.597 · Last modified 2026-06-17T01:10:21.433

Summary

Credentials for Zivif PR115-204-P-RS V2.3.4.2103 Webcams can be obtained by an unauthenticated remote attacker using a standard web /cgi-bin/hi3510/param.cgi?cmd=getuser HTTP request. This vulnerability exists because of a lack of authentication checks in requests to CGI pages.

Affected products

zivif — pr115-204-p-rs_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when zivif ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.