CVE-2024-8655
📋 TL;DR
This vulnerability allows remote attackers to access sensitive files or directories on Mercury MNVR816 devices through improper access controls in the /web-static/ path. It affects all versions up to 2.0.1.0.5 of the MNVR816 network video recorder. Attackers can exploit this without authentication to potentially view configuration files or other sensitive data.
💻 Affected Systems
- Mercury MNVR816
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers access administrative credentials, device configurations, or sensitive video metadata, leading to complete system compromise or data exfiltration.
Likely Case
Unauthorized viewing of configuration files, logs, or static web content that could aid further attacks or reconnaissance.
If Mitigated
Limited exposure with proper network segmentation and access controls preventing external exploitation.
🎯 Exploit Status
The exploit has been publicly disclosed and requires only web access to the device. Simple directory traversal or direct file access techniques can be used.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: None available
Restart Required: No
Instructions:
No official patch available. Vendor did not respond to disclosure. Consider workarounds or replacement if possible.
🔧 Temporary Workarounds
Network Access Restriction
Block external access to the MNVR816 web interface using firewall rules. TRUSTED_NETWORK is a placeholder for your management subnet in CIDR form. These rules use the INPUT chain, which applies to connections terminated on the host running them; if the rules live on a gateway that routes traffic to the device, use the FORWARD chain instead.
iptables -A INPUT -p tcp --dport 80 ! -s TRUSTED_NETWORK -j DROP
iptables -A INPUT -p tcp --dport 443 ! -s TRUSTED_NETWORK -j DROP
Web Server Configuration
Add access controls to the /web-static/ directory if the web server configuration is accessible. Apache 2.4 (on Apache 2.2 the equivalent directive is Deny from all):
<Location "/web-static/">
    Require all denied
</Location>
nginx:
location /web-static/ { deny all; }
🧯 If You Can't Patch
- Isolate the MNVR816 on a separate VLAN with strict access controls
- Implement a reverse proxy with authentication in front of the device
🔍 How to Verify
Check if Vulnerable:
Attempt to access http://device-ip/web-static/ from an unauthorized location. If files are accessible without authentication, the device is vulnerable.
Check Version:
Check the web interface login page or the system information page for the firmware version.
Verify Fix Applied:
Verify that accessing /web-static/ returns access denied or requires authentication after implementing workarounds.
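The check above can be scripted so the same request is repeated before and after a workaround is applied and the result is interpreted consistently. The script below is an added example and is not part of the original page or of any vendor tooling; the device URL is a placeholder supplied on the command line, and the verdict mapping (200 = exposed, 401/403 = protected, no HTTP answer = blocked by a firewall or VLAN) is this example's own assumption.

```python
import socket
import sys
import urllib.error
import urllib.request


def interpret(status):
    """Map an HTTP status (or None for no connection) to a verdict.

    None means no HTTP answer at all (connection refused, timeout), which is
    what a correctly applied firewall or VLAN isolation looks like from an
    untrusted location.
    """
    if status is None:
        return "blocked"
    if status == 200:
        return "exposed"        # directory or file served without authentication
    if status in (401, 403):
        return "protected"      # web server or reverse proxy denies or demands auth
    if status == 404:
        return "absent"         # path not present on this firmware/build
    return "unexpected"


def fetch_status(base_url, path="/web-static/", timeout=5.0):
    """Issue one GET for `path` under `base_url` and return the HTTP status.

    Returns None when no HTTP response is received at all.
    """
    url = base_url.rstrip("/") + path
    req = urllib.request.Request(url, method="GET",
                                 headers={"User-Agent": "web-static-check"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code          # 401/403/404 arrive as HTTPError
    except (urllib.error.URLError, socket.timeout, OSError):
        return None              # refused, unreachable, or timed out


def check_device(base_url):
    """Return (status, verdict) for the device's /web-static/ path."""
    status = fetch_status(base_url)
    return status, interpret(status)


if __name__ == "__main__":
    # Placeholder device address; pass the real one as the first argument.
    base = sys.argv[1] if len(sys.argv) > 1 else "http://device-ip"
    status, verdict = check_device(base)
    print(f"{base}/web-static/ -> status={status} verdict={verdict}")
```

Run it from the network position you want to test (an untrusted segment for the workaround check, the management subnet to confirm legitimate access still works); the verdict "exposed" from an untrusted location means the mitigation is not in effect.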
📡 Detection & Monitoring
Log Indicators:
- Multiple 200 OK responses to /web-static/ paths from unauthorized IPs
- Unusual file access patterns in web server logs
Network Indicators:
- HTTP requests to /web-static/* from external IP addresses
- Unusual traffic patterns to device web interface
SIEM Query:
source="web_logs" AND (uri_path="/web-static/*" AND NOT src_ip IN TRUSTED_NETWORKS)
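The log indicators and the SIEM query above can be applied directly to web server access logs when no SIEM is in place. The script below is an added example, not part of the original page: it parses Combined Log Format lines, keeps only 200 responses to paths under /web-static/ from source IPs outside the trusted networks, and counts hits per source so that repeated access from one untrusted address stands out. The trusted ranges and the sample log lines are constructed for this example.

```python
import ipaddress
import re
from collections import Counter

# Assumed trusted ranges for this example; replace with your management subnets.
TRUSTED_NETWORKS = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("192.168.1.0/24"),
]

# Combined Log Format: ip - user [time] "METHOD path HTTP/x" status bytes "ref" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Constructed sample log lines (203.0.113.0/24 and 198.51.100.0/24 are
# documentation ranges, used here to stand in for untrusted sources).
SAMPLE_LOG = [
    '203.0.113.45 - - [10/Sep/2024:08:01:12 +0000] "GET /web-static/config/ HTTP/1.1" 200 1542 "-" "curl/8.0.1"',
    '203.0.113.45 - - [10/Sep/2024:08:01:13 +0000] "GET /web-static/ HTTP/1.1" 200 812 "-" "curl/8.0.1"',
    '192.168.1.20 - - [10/Sep/2024:08:02:00 +0000] "GET /web-static/login.css HTTP/1.1" 200 3021 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Sep/2024:08:03:30 +0000] "GET /web-static/ HTTP/1.1" 403 0 "-" "python-requests/2.31"',
    '198.51.100.7 - - [10/Sep/2024:08:03:31 +0000] "GET /login.html HTTP/1.1" 200 1200 "-" "python-requests/2.31"',
    'this line is not a valid access log entry',
]


def parse_line(line):
    """Parse one access log line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    return rec


def is_trusted(ip_str, trusted=TRUSTED_NETWORKS):
    """True if ip_str falls inside any trusted network; unparsable IPs are untrusted."""
    try:
        ip = ipaddress.ip_address(ip_str)
    except ValueError:
        return False
    return any(ip in net for net in trusted)


def find_suspicious(lines, trusted=TRUSTED_NETWORKS):
    """Return records for successful /web-static/ requests from untrusted sources.

    Mirrors the SIEM query: uri_path under /web-static/, status 200, and
    src_ip not in the trusted networks. Malformed lines are skipped.
    """
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        if not rec["path"].startswith("/web-static/"):
            continue
        if rec["status"] != 200:
            continue
        if is_trusted(rec["ip"], trusted):
            continue
        hits.append(rec)
    return hits


def summarize_by_ip(lines, trusted=TRUSTED_NETWORKS):
    """Count suspicious hits per source IP."""
    return dict(Counter(rec["ip"] for rec in find_suspicious(lines, trusted)))


def flag_repeat_offenders(lines, threshold=2, trusted=TRUSTED_NETWORKS):
    """Sources with at least `threshold` suspicious hits (the 'multiple 200 OK' indicator)."""
    counts = summarize_by_ip(lines, trusted)
    return sorted(ip for ip, n in counts.items() if n >= threshold)


if __name__ == "__main__":
    for rec in find_suspicious(SAMPLE_LOG):
        print(f'{rec["ip"]} {rec["time"]} {rec["method"]} {rec["path"]} {rec["status"]}')
    print("repeat offenders:", flag_repeat_offenders(SAMPLE_LOG))
```

To run it over a real log, replace SAMPLE_LOG with the lines of the device's (or reverse proxy's) access log and set TRUSTED_NETWORKS to the management ranges; a 403 from an untrusted source is left out deliberately, since that is the web server workaround doing its job.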