FKIE_CVE-2024-13894

Vulnerability from fkie_nvd - Published: 2025-03-06 14:15 - Updated: 2025-03-06 14:15
Severity ?
5.9 (Medium) - CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Summary
Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in versions up to 3.3.0, are vulnerable to path traversal. When an affected device is connected to a mobile app, it opens a port 10000 enabling a user to download pictures shot at specific moments by providing paths to the files. However, the directories to which a user has access are not limited, allowing for path traversal attacks and downloading sensitive information. The vendor has not replied to reports, so the patching status remains unknown. Newer firmware versions might be vulnerable as well.
References
cvd@cert.plhttps://cert.pl/en/posts/2025/03/CVE-2024-13892/
cvd@cert.plhttps://www.smartwares.eu/en-gb/smartwares-cip-37210at-indoor-wi-fi-camera-cip--37210at
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Smartwares cameras\u00a0CIP-37210AT and\u00a0C724IP, as well as others which share the same firmware in versions up to 3.3.0, are vulnerable to path traversal. \nWhen an affected device is connected to a mobile app, it opens a port 10000 enabling a user to download pictures shot at specific moments by providing paths to the files. However, the directories to which a user has access are not limited, allowing for path traversal attacks and downloading sensitive information.\nThe vendor has not replied to reports, so the patching status remains unknown. Newer firmware versions might be vulnerable as well."
    },
    {
      "lang": "es",
      "value": "Smartwares cameras CIP-37210AT y C724IP, as\u00ed como otras que comparten el mismo firmware en versiones hasta la 3.3.0, son vulnerables a ataques de path traversal. Cuando un dispositivo afectado se conecta a una aplicaci\u00f3n m\u00f3vil, abre un puerto 10000 que permite al usuario descargar im\u00e1genes tomadas en momentos espec\u00edficos proporcionando rutas a los archivos. Sin embargo, los directorios a los que tiene acceso un usuario no est\u00e1n limitados, lo que permite ataques de path traversal y la descarga de informaci\u00f3n confidencial. El proveedor no ha respondido a los informes, por lo que el estado de la aplicaci\u00f3n de parches sigue siendo desconocido. Las versiones de firmware m\u00e1s nuevas tambi\u00e9n podr\u00edan ser vulnerables."
    }
  ],
  "id": "CVE-2024-13894",
  "lastModified": "2025-03-06T14:15:35.777",
  "metrics": {
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "PRESENT",
          "attackVector": "LOCAL",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "NONE",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "cvd@cert.pl",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-03-06T14:15:35.777",
  "references": [
    {
      "source": "cvd@cert.pl",
      "url": "https://cert.pl/en/posts/2025/03/CVE-2024-13892/"
    },
    {
      "source": "cvd@cert.pl",
      "url": "https://www.smartwares.eu/en-gb/smartwares-cip-37210at-indoor-wi-fi-camera-cip--37210at"
    }
  ],
  "sourceIdentifier": "cvd@cert.pl",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "cvd@cert.pl",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.