CVE-2024-45172: n/a
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401 and 6.00PL01. Due to missing protection mechanisms, the C-MOR web interface is vulnerable to cross-site request forgery (CSRF) attacks. The C-MOR web interface offers no protection against cross-site request forgery (CSRF) attacks.
AI Analysis
Technical Summary
CVE-2024-45172 identifies a cross-site request forgery (CSRF) vulnerability in the za-internet C-MOR Video Surveillance system, specifically versions 5.2401 and 6.00PL01. The root cause is the lack of CSRF protection mechanisms in the web interface, which means that the system does not validate that requests originate from legitimate user interactions within the authenticated session. CSRF attacks exploit the trust a web application places in the user's browser by tricking authenticated users into submitting malicious requests unknowingly, potentially altering configurations, disabling security features, or triggering other administrative actions. The CVSS 3.1 base score of 6.8 reflects a medium severity, with the vector indicating network attack vector (AV:N), low attack complexity (AC:L), requiring high privileges (PR:H), and user interaction (UI:R). The impact on confidentiality, integrity, and availability is high, as an attacker could manipulate video surveillance settings or access sensitive video feeds. Although no public exploits or patches are currently available, the vulnerability represents a significant risk due to the critical nature of surveillance systems in security operations. The CWE-352 classification confirms the vulnerability type as CSRF. Organizations using these versions should be aware of the risk and take immediate steps to mitigate potential exploitation.
Potential Impact
The vulnerability could allow attackers to perform unauthorized actions on the C-MOR Video Surveillance system by leveraging authenticated users' sessions, potentially leading to unauthorized disclosure of video feeds (confidentiality breach), manipulation or deletion of recorded footage (integrity breach), and disruption of surveillance operations (availability breach). This could compromise physical security monitoring, delay incident response, and expose sensitive environments to further attacks. The requirement for high privileges and user interaction somewhat limits exploitation but does not eliminate risk, especially in environments where users have elevated access and may be targeted via phishing or social engineering. The absence of known exploits currently reduces immediate risk, but the critical nature of surveillance systems means that successful exploitation could have severe consequences for organizations in sectors such as critical infrastructure, government, transportation, and large enterprises. The lack of patches increases exposure time, emphasizing the need for proactive mitigation.
Mitigation Recommendations
1. Implement network-level access controls to restrict access to the C-MOR web interface only to trusted management networks or VPNs, reducing exposure to external attackers.
2. Enforce strong authentication mechanisms, including multi-factor authentication (MFA), to limit the risk of compromised credentials being used to exploit the vulnerability.
3. Employ web application firewalls (WAFs) with custom rules to detect and block suspicious CSRF attack patterns targeting the C-MOR interface.
4. Educate users with administrative access about phishing and social engineering risks to reduce the likelihood of inadvertent user interaction enabling CSRF attacks.
5. Monitor logs and network traffic for unusual or unauthorized configuration changes or access attempts to detect potential exploitation attempts early.
6. If possible, isolate the surveillance system on a segmented network to limit lateral movement in case of compromise.
7. Engage with the vendor for updates or patches and apply them promptly once available.
8. Consider deploying browser security extensions or policies that can help mitigate CSRF risks by restricting cross-site requests.
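The same-origin check that a WAF or reverse-proxy rule (recommendation 3) could apply in front of the C-MOR web interface, and that can also be run over logged requests (recommendation 5), is sketched below. This is an added example, not code from the vendor or from the original analysis; the hostname `cmor.example.internal`, the function names and the sample requests are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the origin(s) operators use to reach the C-MOR web interface.
TRUSTED_ORIGINS = {"https://cmor.example.internal"}
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}


def origin_of(url):
    """Reduce a URL to scheme://host[:port]; None if not a usable http(s) URL."""
    try:
        parts = urlsplit(url)
        port = parts.port
    except ValueError:
        return None
    default = {"http": 80, "https": 443}.get(parts.scheme)
    if default is None or not parts.hostname:
        return None
    base = f"{parts.scheme}://{parts.hostname}"
    return base if port in (None, default) else f"{base}:{port}"


def check_request(method, headers, trusted=TRUSTED_ORIGINS):
    """Return (allowed, reason) for one request seen at the proxy or in a log."""
    h = {k.lower(): v for k, v in headers.items()}
    if method.upper() in SAFE_METHODS:
        return True, "safe method"
    source = h.get("origin") or h.get("referer")  # Referer is the fallback
    if not source:
        return False, "state-changing request without Origin or Referer"
    origin = origin_of(source)
    if origin is None:  # covers 'Origin: null' (sandboxed frames, redirects)
        return False, "opaque or malformed origin"
    if origin not in trusted:  # exact match, so look-alike hosts do not pass
        return False, f"cross-site origin {origin}"
    return True, "same-origin"


# Constructed sample requests (not captured from a real C-MOR system).
SAMPLES = [
    ("POST", {"Origin": "https://cmor.example.internal"}),
    ("POST", {"Origin": "https://attacker.example"}),
    ("POST", {"Referer": "https://cmor.example.internal.attacker.example/x"}),
    ("POST", {"Origin": "null"}),
    ("POST", {}),
    ("GET", {"Referer": "https://attacker.example/"}),
]

for _method, _headers in SAMPLES:
    print(_method, _headers, "->", check_request(_method, _headers))
```

Treating `GET` as safe assumes the interface only changes state through `POST`, which the advisory does not state; if that does not hold for a deployment, remove `GET` from `SAFE_METHODS` for the affected paths.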
Affected Countries
United States, Germany, United Kingdom, France, Japan, South Korea, Australia, Canada, Netherlands, Italy
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2024-08-22T00:00:00.000Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 699f6ce8b7ef31ef0b56a19a
Added to database: 2/25/2026, 9:43:04 PM
Last enriched: 2/26/2026, 8:08:11 AM
Last updated: 4/12/2026, 6:13:48 PM