Catalin Cimpanu on Nostr: German security firm SySS has discovered 11 vulnerabilities affecting the C-MOR video ...
German security firm SySS has discovered 11 vulnerabilities affecting the C-MOR video surveillance software platform.
The security flaws include SQL injection, cross-site scripting, and OS command injection bugs that can be exploited to gain admin access over the platform and disable IP camera video feeds.
C-MOR released a patch at the end of July that only fixes six of the reported bugs.
https://www.syss.de/pentest-blog/mehrere-sicherheitsschwachstellen-in-videoueberwachungssoftware-c-mor-syss-2024-020-bis-030
The security flaws include SQL injection, cross-site scripting, and OS command injection bugs that can be exploited to gain admin access over the platform and disable IP camera video feeds.
C-MOR released a patch at the end of July that only fixes six of the reported bugs.
https://www.syss.de/pentest-blog/mehrere-sicherheitsschwachstellen-in-videoueberwachungssoftware-c-mor-syss-2024-020-bis-030