Security Advisory

CVE-2025-1739

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-27 12:45:26

Last updated 2025-02-27 14:24:12

Assigner INCIBE

State PUBLISHED

Description

An Authentication Bypass vulnerability has been found in Trivision Camera NC227WF v5.8.0 from TrivisionSecurity. This vulnerability allows an attacker to retrieve administrators credentials in cleartext by sending a request against the server using curl with random credentials to "/en/player/activex_pal.asp" and successfully authenticating the application.

← Browse all CVEs View on cve.org ↗