CVE-2024-0305 Scanner
CVE-2024-0305 Scanner - Remote Code Execution vulnerability in Ncast
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 second
Time Interval
4 week
Scan only one
Domain, Ipv4
Toolbox
-
The Ncast Yingshi high-definition intelligent recording and playback system is widely used for audio and video recording and playback. Developed by Ncast Project, it is utilized across various industries for surveillance, security, and multimedia purposes.
The vulnerability detected in Ncast versions 2017 and earlier allows remote attackers to execute arbitrary code on the affected system, posing a significant security risk.
The vulnerability resides in the busiFacade.php
endpoint of the Ncast system. Attackers can exploit this by sending a crafted HTTP POST request containing malicious code, typically achieved through JSON input.
Exploitation of this vulnerability can lead to unauthorized execution of arbitrary commands on the target system. Attackers can leverage this to gain control over the system, steal sensitive data, or disrupt normal operations.
By utilizing S4E's comprehensive scanning services, you can proactively identify and mitigate vulnerabilities like the CVE-2024-0305 in Ncast. Stay ahead of potential threats and protect your digital assets effectively by joining our platform today.
References: