MidnightBSD

Advisories for wvp-pro

CVE-2024-36523

An access control issue in Wvp GB28181 Pro 2.0 allows users to continue to access information in the application after deleting their own or administrator accounts. This is provided that the users do not log out of their deleted accounts.

Products Affected

Vendor Product Version
wvp-pro gb28181 2.0
CVE-2024-37665

An access control issue in Wvp GB28181 Pro 2.0 allows authenticated attackers to escalate privileges to Administrator via a crafted POST request.

Products Affected

Vendor Product Version
wvp-pro gb28181 2.0