An access control issue in Wvp GB28181 Pro 2.0 allows users to continue to access information in the application after deleting their own or administrator accounts. This is provided that the users do not log out of their deleted accounts.
References
Link | Resource |
---|---|
https://github.com/648540858/wvp-GB28181-pro/issues/1456 | Exploit Issue Tracking |
https://github.com/648540858/wvp-GB28181-pro/issues/1456 | Exploit Issue Tracking |
Configurations
History
13 Jun 2025, 14:46
Type | Values Removed | Values Added |
---|---|---|
First Time |
Wvp-pro
Wvp-pro gb28181 |
|
CPE | cpe:2.3:a:wvp-pro:gb28181:2.0:*:*:*:pro:*:*:* | |
References | () https://github.com/648540858/wvp-GB28181-pro/issues/1456 - Exploit, Issue Tracking |
21 Nov 2024, 09:22
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/648540858/wvp-GB28181-pro/issues/1456 - |
06 Sep 2024, 17:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-613 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
13 Jun 2024, 18:36
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
12 Jun 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-06-12 21:15
Updated : 2025-06-13 14:46
NVD link : CVE-2024-36523
Mitre link : CVE-2024-36523
CVE.ORG link : CVE-2024-36523
JSON object : View
Products Affected
wvp-pro
- gb28181
CWE
CWE-613
Insufficient Session Expiration