
CVE-2024-45175: n/a

High
Published: Thu Sep 05 2024 (09/05/2024, 00:00:00 UTC)
Source: CVE Database V5

Description

An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Sensitive information is stored in cleartext. It was found out that sensitive information, for example login credentials of cameras, is stored in cleartext. Thus, an attacker with filesystem access, for example exploiting a path traversal attack, has access to the login data of all configured cameras, or the configured FTP server.

AI-Powered Analysis

Machine-generated threat intelligence

Last updated: 02/26/2026, 08:08:59 UTC

Technical Analysis

CVE-2024-45175 is a vulnerability identified in the za-internet C-MOR Video Surveillance software version 5.2401, where sensitive information including login credentials for cameras and FTP servers is stored in cleartext within the filesystem. This insecure storage violates best practices for credential management and exposes critical authentication data. The vulnerability is compounded by the possibility of exploiting a path traversal attack (CWE-22), allowing an attacker with limited filesystem access to read these sensitive files. The attacker does not require user interaction and only needs limited privileges (PR:L) to exploit the vulnerability remotely (AV:N). The CVSS 3.1 score of 8.8 indicates a high severity with significant impact on confidentiality, integrity, and availability (C:H/I:H/A:H). This means attackers can gain unauthorized access to surveillance cameras, potentially manipulate video feeds, or disrupt monitoring services. The vulnerability also exposes FTP server credentials, which could be leveraged for further network compromise or data exfiltration. No patches or mitigations have been officially released at the time of publication, and no active exploitation has been reported. The vulnerability highlights the critical need for secure credential storage and robust access controls in video surveillance systems, which are often deployed in sensitive environments.

Potential Impact

The exposure of cleartext credentials for surveillance cameras and FTP servers can lead to unauthorized access and control over video feeds, compromising physical security monitoring. Attackers could manipulate or disable cameras, impairing incident detection and response. The compromise of FTP credentials may allow attackers to access or exfiltrate sensitive data, further escalating the breach impact. Organizations relying on this software for security monitoring face risks of espionage, sabotage, or privacy violations. The vulnerability affects confidentiality by exposing sensitive credentials, integrity by enabling unauthorized modifications, and availability by potentially disrupting surveillance operations. Given the network attack vector and low complexity, the threat can be exploited at scale, especially in environments where filesystem access can be gained through other vulnerabilities or misconfigurations. This could impact critical infrastructure, government facilities, corporate offices, and public safety systems worldwide.

Mitigation Recommendations

1. Immediately restrict filesystem access on devices running C-MOR Video Surveillance to trusted administrators only, using strict access control lists and permissions.
2. Implement network segmentation to isolate surveillance systems from general user networks, reducing the risk of lateral movement.
3. Monitor and audit filesystem access logs for suspicious activity indicative of path traversal or unauthorized file reads.
4. Employ intrusion detection/prevention systems to detect attempts to exploit path traversal vulnerabilities.
5. Where possible, replace or upgrade the affected software to versions that do not store credentials in cleartext or apply vendor patches once available.
6. Use strong, unique credentials for cameras and FTP servers and consider multi-factor authentication if supported.
7. Encrypt sensitive configuration files or store credentials using secure vaults or encrypted storage mechanisms.
8. Conduct regular security assessments and penetration testing focused on filesystem and web interface vulnerabilities to identify and remediate path traversal or similar issues.
9. Educate administrators on secure configuration and the risks of storing sensitive data in cleartext.
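
An added example for items 1 and 7 (not from the advisory or the vendor): a read-only audit that walks a configuration directory and reports files holding cleartext credentials, and whether each file is readable beyond its owner. The patterns, key names and file names are assumptions, since the page does not describe C-MOR's on-disk format, and the sample files are constructed.

```python
import os
import re
import stat
import tempfile

# Heuristics only (assumed; the page does not give C-MOR's file format):
# URLs with user:password@ userinfo, and key=value lines whose key names a secret.
URL_RE = re.compile(r"\b(rtsp|ftp|https?)://[^\s/:@\"']+:[^\s/@\"']+@", re.I)
KV_RE = re.compile(r"^\s*([\w.-]*(?:pass|secret|pwd)[\w.-]*)\s*[=:]\s*(\S.*)$", re.I)
# Values that look hashed or vault-referenced rather than cleartext.
PROTECTED_RE = re.compile(r"(\$\d\w*\$|\$argon2|\{(SSHA|PBKDF2|CRYPT)\}|ENC\(|vault:)", re.I)

def scan_file(path):
    """Return (path, line, issue, exposed) tuples; secret values are never copied."""
    exposed = bool(os.stat(path).st_mode & (stat.S_IRGRP | stat.S_IROTH))
    findings = []
    with open(path, "r", errors="replace") as fh:
        for lineno, line in enumerate(fh, 1):
            for m in URL_RE.finditer(line):
                findings.append((path, lineno, f"{m.group(1).lower()} URL with embedded password", exposed))
            kv = KV_RE.match(line)
            if kv and not PROTECTED_RE.match(kv.group(2).strip("\"'")):
                findings.append((path, lineno, f"cleartext value for '{kv.group(1)}'", exposed))
    return findings

def audit(root):
    """Scan every regular, non-symlink file under root, in sorted path order."""
    paths = sorted(os.path.join(d, f) for d, _sub, fs in os.walk(root) for f in fs)
    return [hit for p in paths if os.path.isfile(p) and not os.path.islink(p)
            for hit in scan_file(p)]

def build_sample(root):
    """Write constructed sample files (not real C-MOR files) into root."""
    samples = [
        ("cam1.conf", "url=rtsp://viewer:Example-Pw-1@192.0.2.10:554/stream\n", 0o644),
        ("ftp.conf", "host=192.0.2.20\nftp_password = Example-Pw-2\n", 0o600),
        ("users.conf", "admin_password=$2b$12$constructedHashOnly\n", 0o644),
    ]
    for name, body, mode in samples:
        path = os.path.join(root, name)
        with open(path, "w") as fh:
            fh.write(body)
        os.chmod(path, mode)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(*audit(tmp), sep="\n")
```

A finding with `exposed` set to `True` is the priority case: the secret is in cleartext and the file is readable by accounts other than its owner.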


Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2024-08-22T00:00:00.000Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 699f6ce8b7ef31ef0b56a1a9

Added to database: 2/25/2026, 9:43:04 PM

Last enriched: 2/26/2026, 8:08:59 AM

Last updated: 4/12/2026, 7:54:42 AM
