Primary

Context

Davantis DFUSION Inadequate Access Control Vulnerability Allowing Unauthorized Media Access

Vulnerability

An access control vulnerability has been identified in Davantis DFUSION version 6.177.7. This vulnerability allows unauthorized individuals to access and extract images and videos related to alarm events. The issue arises from inadequate access controls on the media files, which can be accessed through a specific URL pattern. The 'MEDIA' parameter in the URL can be replaced with 'snapshot' or 'video.mp4', enabling access to images or video recordings captured by security cameras in response to alarm events.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive media files, including images and videos recorded by security cameras during alarm events.

Remediation

Users can upgrade to Davantis DFUSION version 6.186.1 or later to address this vulnerability.

Added: Nov 24, 2025, 1:17 PM

Updated: Nov 24, 2025, 1:17 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

1.1

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

1.1

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Davantis DFUSION Inadequate Access Control Vulnerability Allowing Unauthorized Media Access

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating