Skip to main content

Qnd 8080R EUVDEUVD-2024-55560

| CVE-2024-54013 HIGH
Missing Authentication for Critical Function (CWE-306)
2026-04-28 Hanwha_Vision
8.7
CVSS 4.0 · Vendor: Hanwha_Vision
Share

Severity by source

Vendor (Hanwha_Vision) PRIMARY
8.7 HIGH
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from Vendor (Hanwha_Vision) · only source for this CVE.

CVSS VectorVendor: Hanwha_Vision

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

5
Patch released
Apr 28, 2026 - 20:11 nvd
Patch available
Patch available
Apr 28, 2026 - 09:01 EUVD
CVSS changed
Apr 28, 2026 - 08:22 NVD
8.7 (HIGH)
EUVD ID Assigned
Apr 28, 2026 - 07:30 euvd
EUVD-2024-55560
CVE Published
Apr 28, 2026 - 07:06 nvd
HIGH 8.7

DescriptionCVE.org

Penetration Testing engineers at Amazon have identified a security flaw related to request handling in the web server component that could, under certain conditions, lead to unintended access to protected functions. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds

AnalysisAI

Penetration Testing engineers at Amazon have identified a security flaw related to request handling in the web server component that could, under certain conditions, lead to unintended access to. Rated high severity (CVSS 8.7), this vulnerability is no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Technical ContextAI

This vulnerability is classified as Missing Authentication for Critical Function (CWE-306), which allows attackers to access critical functionality without authentication. Penetration Testing engineers at Amazon have identified a security flaw related to request handling in the web server component that could, under certain conditions, lead to unintended access to protected functions. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds Affected products include: Hanwha Vision Qnd-8080R.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Require authentication for all sensitive operations, implement defense in depth.

Share

EUVD-2024-55560 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy