Hunt CCTV DVR.cfg Direct Request Information Disclosure
Low Nessus Plugin ID 64483
SynopsisThe remote web server is prone to an information disclosure attack.
DescriptionThe remote web server appears to be part of a digital video recorder
(DVR), such as models of Hunt CCTV, that is affected by an information
disclosure vulnerability. Specifically, an unauthenticated remote
attacker can retrieve the device's configuration file, 'DVR.cfg', which
contains sensitive information, such as credentials in plaintext. This
information could facilitate other attacks.
SolutionUnknown at this time.