QwikSec

Security Database

CVE

CWE

Training

CVE-2018-16225

Published: Sep 18, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

The QBee MultiSensor Camera through 4.16.4 accepts unencrypted network traffic from clients (such as the QBee Cam application through 1.0.5 for Android and the Swisscom Home application up to 10.7.2 for Android), which results in an attacker being able to reuse cookies to bypass authentication and disable the camera.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20180916 [CVE-2018-16225] QBee MultiSensor Camera LAN Traffic Vulnerability

mailing-list

x_refsource_FULLDISC

https://blog.francescoservida.ch/2018/09/16/cve-2018-16225-public-disclosure-qbee-camera-vulnerability/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.