To exploit this vulnerability, an attacker hosts a website on a server and sends an HTTP request to the following URL: https://[HOST]/ye.v1.WWBN.AVideo/objectypt/?s=&d= where [HOST] is the hostname of the targeted device and ye.v1.WWBN.AVideo is the subdomain for the targeted device. The device's response is returned to the attacker. Using SQL injection, the attacker can submit a request that changes the device's video schedule to one of the following:

- An action that the device cannot perform, such as deleting or renaming a video.
- An action that causes an error.
- An action that causes a device reset.

In addition, the SQL request can be modified by appending further SQL statements to it.

Mitigation Measures for CVE-2022-34652

This vulnerability can be mitigated by using a firewall.

Vulnerable firmware versions

The following firmware versions are affected:

- Firmware version 1.0.0.12
- Firmware version 1.1.1.14
- Firmware version 1.2.3.15
- Firmware version 1.3.2.16

Vulnerability details

An attacker exploits this vulnerability by hosting a website on a server and sending an HTTP request to the following URL: https://[HOST]/ye.v1.WWBN.AVideo/objectypt/?s=&d= where [HOST] is the hostname of the targeted device and ye.v1.WWBN.AVideo is the subdomain for the targeted device. The device's response is returned to the attacker. Using SQL injection, the attacker can submit a request that changes the device's video schedule to an action that causes an error or a reset.

Timeline

Published on: 08/22/2022 19:15:00 UTC
Last modified on: 08/24/2022 14:03:00 UTC