Home / exploits Arteco Web Client DVR/NVR Session Hijacking
Posted on 24 December 2020
The session identifier used by Arteco Web Client DVR/NVR is of an insufficient length and can be brute forced, allowing a remote attacker to obtain a valid session, bypass authentication, and disclose the live camera stream.