CVE-2026-40624— AVer PTC cameras Files or Directories Accessible to External Parties
Possible ATT&CK Techniques 1AI
T1190 · Exploit Public-Facing ApplicationGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-40624
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
AVer PTC cameras Files or Directories Accessible to External Parties
Source: NVD (National Vulnerability Database)
Vulnerability Description
Improper input validation in AVer PTC500S, PTC115, PTC500+, and PTC115+ cameras may allow a remote, unauthenticated attacker to achieve arbitrary code execution via a specially crafted web request.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
对外部实体的文件或目录可访问
Source: NVD (National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-40624
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-40624
请登录查看更多情报信息。
Vendor Advisories for CVE-2026-40624 (2)
IV. Related Vulnerabilities
Same weakness: CWE-552
- CVE-2025-14771
File Disclosure in ABB T-MAC Plus web application and in ABB - CVE-2026-45543
Nextcloud: Deleting a Forms collaborator share leaves upload - CVE-2026-40425
MacGregor Voyage Data Recorder (VDR) G4e Files or Directorie - CVE-2024-11399
Synology BeeDrive 安全漏洞 - CVE-2026-40564
Apache Flink Kubernetes Operator: Server-Side Request Forger
V. Comments for CVE-2026-40624
No comments yet