{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T07:04:50.460","vulnerabilities":[{"cve":{"id":"CVE-2018-12666","sourceIdentifier":"cve@mitre.org","published":"2018-10-19T22:29:00.257","lastModified":"2024-11-21T03:45:38.117","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B devices improperly identifies users only by the authentication level sent in the cookies, which allow remote attackers to bypass authentication and gain administrator access by setting the authLevel cookie to 255."},{"lang":"es","value":"Las cámaras HD L-SERIES de SV3C V2.3.4.2103-S50-NTD-B20170508B identifican erróneamente a los usuarios solo por su nivel de autenticación enviado en las cookies, lo que permite que atacantes remotos omitan la autenticación y obtengan acceso de administrador estableciendo la cookie authLevel en 255."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sv3c:h.264_poe_ip_camera_firmware:v2.3.4.2103-s50-ntd-b20170508b:*:*:*:*:*:*:*","matchCriteriaId":"04629989-19B2-4918-8BF0-595A0D41AF15"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sv3c:sv-b01poe-1080p-l:-:*:*:*:*:*:*:*","matchCriteriaId":"75735EC9-F77D-4631-AD88-05832AEBBDFF"},{"vulnerable":false,"criteria":"cpe:2.3:h:sv3c:sv-b11vpoe-1080p-l:-:*:*:*:*:*:*:*","matchCriteriaId":"D34E8126-3534-4675-AC35-10108A27DF81"},{"vulnerable":false,"criteria":"cpe:2.3:h:sv3c:sv-d02poe-1080p-l:-:*:*:*:*:*:*:*","matchCriteriaId":"14196DC9-EC58-4398-BE34-214ABCC39DE8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sv3c:h.264_poe_ip_camera_firmware:v2.3.4.2103-s50-ntd-b20170823b:*:*:*:*:*:*:*","matchCriteriaId":"217C05D7-FD38-4BF4-8CD4-6DB6D3BA208D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sv3c:sv-b01poe-1080p-l:-:*:*:*:*:*:*:*","matchCriteriaId":"75735EC9-F77D-4631-AD88-05832AEBBDFF"},{"vulnerable":false,"criteria":"cpe:2.3:h:sv3c:sv-b11vpoe-1080p-l:-:*:*:*:*:*:*:*","matchCriteriaId":"D34E8126-3534-4675-AC35-10108A27DF81"},{"vulnerable":false,"criteria":"cpe:2.3:h:sv3c:sv-d02poe-1080p-l:-:*:*:*:*:*:*:*","matchCriteriaId":"14196DC9-EC58-4398-BE34-214ABCC39DE8"}]}]}],"references":[{"url":"https://www.bishopfox.com/news/2018/10/sv3c-l-series-hd-camera-multiple-vulnerabilities/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.bishopfox.com/news/2018/10/sv3c-l-series-hd-camera-multiple-vulnerabilities/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}