Zero Science Lab » COMMAX Smart Home Ruvie CCTV Bridge DVR Service Unauthenticated Config Write / DoS

COMMAX Smart Home Ruvie CCTV Bridge DVR Service Unauthenticated Config Write / DoS

Title: COMMAX Smart Home Ruvie CCTV Bridge DVR Service Unauthenticated Config Write / DoS
Advisory ID: ZSL-2021-5666
Type: Local/Remote
Impact: Manipulation of Data, DoS
Risk: (4/5)
Release Date: 15.08.2021

Summary

COMMAX Smart Home System is a smart IoT home solution for a large apartment complex that provides advanced life values and safety.

Description

The application allows an unauthenticated attacker to change the configuration of the DVR arguments and/or cause denial-of-service scenario through the setconf endpoint.

Vendor

COMMAX Co., Ltd. - https://www.commax.com

Affected Version

N/A

Tested On

GoAhead-Webs

Vendor Status

[02.08.2021] Vulnerability discovered.
[03.08.2021] Vendor contacted.
[04.08.2021] Vendor contacted.
[05.08.2021] No response from the vendor.
[06.08.2021] Vendor contacted.
[14.08.2021] No response from the vendor.
[15.08.2021] Public security advisory released.

PoC

commax_cctvwrite.txt

Credits

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>

References

[1] https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5665.php
[2] https://www.exploit-db.com/exploits/50209
[3] https://packetstormsecurity.com/files/163852
[4] https://cxsecurity.com/issue/WLB-2021080066
[5] https://exchange.xforce.ibmcloud.com/vulnerabilities/207573

Changelog

[15.08.2021] - Initial release
[23.08.2021] - Added reference [2], [3], [4] and [5]

Contact

Zero Science Lab

Web: https://www.zeroscience.mk
e-mail: lab@zeroscience.mk