CVE-2024-37665: n/a
CVE-2024-37665 is a high-severity access control vulnerability in Wvp GB28181 Pro 2. 0 that allows authenticated attackers to escalate their privileges to Administrator by sending a specially crafted POST request. The flaw stems from improper authorization checks, categorized under CWE-269 (Improper Privilege Management). Exploitation requires the attacker to have some level of authenticated access but does not require user interaction. The vulnerability impacts confidentiality, integrity, and availability, as attackers gaining administrative control can manipulate system settings, access sensitive data, or disrupt services. No patches have been published yet, and no known exploits are currently in the wild. Organizations using Wvp GB28181 Pro 2. 0 should prioritize mitigation to prevent potential privilege escalation attacks. Countries with significant deployments of this software, especially those with critical infrastructure relying on GB28181 protocol implementations, are at higher risk.
AI Analysis
Technical Summary
CVE-2024-37665 is an access control vulnerability identified in Wvp GB28181 Pro 2.0, a software product implementing the GB28181 standard commonly used for video surveillance and security systems. The vulnerability allows an attacker who has already authenticated with the system to escalate their privileges to Administrator by sending a crafted POST request. This indicates a failure in proper authorization checks within the application, specifically an improper privilege management issue (CWE-269). The CVSS v3.1 base score is 8.8, reflecting a high severity due to the network attack vector (AV:N), low attack complexity (AC:L), and the requirement of privileges (PR:L) but no user interaction (UI:N). The impact includes full compromise of confidentiality, integrity, and availability (C:H/I:H/A:H), meaning an attacker can potentially access sensitive information, alter configurations, or disrupt system operations. The vulnerability affects all versions of Wvp GB28181 Pro 2.0, though specific affected versions are not detailed. No patches or fixes have been released at the time of publication, and there are no known exploits in the wild, but the risk remains significant given the nature of the flaw and the critical role of the affected software in security infrastructure.
Potential Impact
The vulnerability allows attackers with authenticated access to gain full administrative privileges, which can lead to complete system compromise. This includes unauthorized access to sensitive surveillance data, manipulation or deletion of video feeds, disruption of security monitoring services, and potential pivoting to other network segments. Organizations relying on Wvp GB28181 Pro 2.0 for video surveillance and security management could face severe operational disruptions, data breaches, and loss of trust. The high severity and ease of exploitation (low complexity, no user interaction) increase the risk of targeted attacks, especially in environments where multiple users have authenticated access with limited privileges. The absence of patches elevates the urgency for organizations to implement compensating controls to mitigate risk.
Mitigation Recommendations
1. Immediately review and restrict authenticated user privileges to the minimum necessary to reduce the attack surface. 2. Implement network segmentation and access controls to limit access to the Wvp GB28181 Pro 2.0 management interfaces only to trusted administrators and systems. 3. Monitor logs and network traffic for unusual POST requests or privilege escalation attempts targeting the application. 4. Employ Web Application Firewalls (WAFs) with custom rules to detect and block suspicious crafted POST requests that may exploit this vulnerability. 5. Engage with the vendor or community to obtain patches or updates as soon as they become available. 6. Conduct regular security assessments and penetration testing focused on access control mechanisms within the application. 7. Educate users with authenticated access about the risks and encourage strong authentication practices to prevent credential compromise.
Affected Countries
China, United States, Russia, India, South Korea, Japan, Germany, United Kingdom, France, Brazil
CVE-2024-37665: n/a
Description
CVE-2024-37665 is a high-severity access control vulnerability in Wvp GB28181 Pro 2. 0 that allows authenticated attackers to escalate their privileges to Administrator by sending a specially crafted POST request. The flaw stems from improper authorization checks, categorized under CWE-269 (Improper Privilege Management). Exploitation requires the attacker to have some level of authenticated access but does not require user interaction. The vulnerability impacts confidentiality, integrity, and availability, as attackers gaining administrative control can manipulate system settings, access sensitive data, or disrupt services. No patches have been published yet, and no known exploits are currently in the wild. Organizations using Wvp GB28181 Pro 2. 0 should prioritize mitigation to prevent potential privilege escalation attacks. Countries with significant deployments of this software, especially those with critical infrastructure relying on GB28181 protocol implementations, are at higher risk.
AI-Powered Analysis
Technical Analysis
CVE-2024-37665 is an access control vulnerability identified in Wvp GB28181 Pro 2.0, a software product implementing the GB28181 standard commonly used for video surveillance and security systems. The vulnerability allows an attacker who has already authenticated with the system to escalate their privileges to Administrator by sending a crafted POST request. This indicates a failure in proper authorization checks within the application, specifically an improper privilege management issue (CWE-269). The CVSS v3.1 base score is 8.8, reflecting a high severity due to the network attack vector (AV:N), low attack complexity (AC:L), and the requirement of privileges (PR:L) but no user interaction (UI:N). The impact includes full compromise of confidentiality, integrity, and availability (C:H/I:H/A:H), meaning an attacker can potentially access sensitive information, alter configurations, or disrupt system operations. The vulnerability affects all versions of Wvp GB28181 Pro 2.0, though specific affected versions are not detailed. No patches or fixes have been released at the time of publication, and there are no known exploits in the wild, but the risk remains significant given the nature of the flaw and the critical role of the affected software in security infrastructure.
Potential Impact
The vulnerability allows attackers with authenticated access to gain full administrative privileges, which can lead to complete system compromise. This includes unauthorized access to sensitive surveillance data, manipulation or deletion of video feeds, disruption of security monitoring services, and potential pivoting to other network segments. Organizations relying on Wvp GB28181 Pro 2.0 for video surveillance and security management could face severe operational disruptions, data breaches, and loss of trust. The high severity and ease of exploitation (low complexity, no user interaction) increase the risk of targeted attacks, especially in environments where multiple users have authenticated access with limited privileges. The absence of patches elevates the urgency for organizations to implement compensating controls to mitigate risk.
Mitigation Recommendations
1. Immediately review and restrict authenticated user privileges to the minimum necessary to reduce the attack surface. 2. Implement network segmentation and access controls to limit access to the Wvp GB28181 Pro 2.0 management interfaces only to trusted administrators and systems. 3. Monitor logs and network traffic for unusual POST requests or privilege escalation attempts targeting the application. 4. Employ Web Application Firewalls (WAFs) with custom rules to detect and block suspicious crafted POST requests that may exploit this vulnerability. 5. Engage with the vendor or community to obtain patches or updates as soon as they become available. 6. Conduct regular security assessments and penetration testing focused on access control mechanisms within the application. 7. Educate users with authenticated access about the risks and encourage strong authentication practices to prevent credential compromise.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- mitre
- Date Reserved
- 2024-06-10T00:00:00.000Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 699f6c6db7ef31ef0b563e16
Added to database: 2/25/2026, 9:41:01 PM
Last enriched: 2/26/2026, 5:18:28 AM
Last updated: 2/26/2026, 8:02:22 AM
Views: 1
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2026-25191: Uncontrolled Search Path Element in Digital Arts Inc. FinalCode Ver.5 series
HighCVE-2026-23703: Incorrect default permissions in Digital Arts Inc. FinalCode Ver.5 series
HighCVE-2026-1311: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in bearsthemes Worry Proof Backup
HighCVE-2026-2506: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in motahar1 EM Cost Calculator
MediumCVE-2026-2499: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in tgrk Custom Logo
MediumActions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console in Console -> Billing for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.