CVE-2018-18428 – TP-Link TL-SC3130 1.6.18 - RTSP Stream Disclosure

https://notcve.org/view.php?id=CVE-2018-18428

TP-Link TL-SC3130 1.6.18P12_121101 devices allow unauthenticated RTSP stream access, as demonstrated by a /jpg/image.jpg URI. Los dispositivos TP-Link TL-SC3130 1.6.18P12_121101 permiten el acceso no autenticado al flujo RTSP, tal y como queda demostrado con un URI /jpg/image.jpg. TP-Link TL-SC3130 version 1.6.18 suffers from an unauthenticated and unauthorized live RTSP stream disclosure. • https://www.exploit-db.com/exploits/45632 https://packetstormsecurity.com/files/149843 https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5497.php • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •