Primary

Context

i-PRO Surveillance Cameras Cross-Site Request Forgery Vulnerability

Vulnerability

A cross-site request forgery (CSRF) vulnerability has been identified in multiple network camera models provided by i-PRO Co., Ltd., including the WV-X Series, WV-S Series, and WV-U Series. This vulnerability affects versions prior to 2.80, 2.85, and 3.45. When a user views a specially crafted page while logged into the affected camera, it may trigger unintended actions.

Impact

Exploitation of this vulnerability could lead to unauthorized actions being performed on behalf of the user.

Remediation

Users are advised to update the camera's firmware to the latest version available. The updated versions can be downloaded from the i-PRO website.

Added: Jun 6, 2025, 5:19 AM

Updated: Jun 6, 2025, 5:19 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

6.4

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

6.4

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

i-PRO Surveillance Cameras Cross-Site Request Forgery Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating