SynopsisThe remote web server is prone to an information disclosure attack.
DescriptionThe remote web server appears to be part of a digital video recorder (DVR), such as models of Hunt CCTV, that is affected by an information disclosure vulnerability. Specifically, an unauthenticated remote attacker can retrieve the device's configuration file, 'DVR.cfg', which contains sensitive information, such as credentials in plaintext. This information could facilitate other attacks.
SolutionUnknown at this time.