Security Advisory
CVE-2017-14743
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Faleemi FSC-880 00.01.01.0048P2 devices allow unauthenticated SQL injection via the Username element in an XML document to /onvif/device_service, as demonstrated by reading the admin password.