CVE-2025-56764
BaseFortify

Publication date: 2025-09-29

Last updated on: 2025-11-11

Assigner: MITRE

Description
Trivision NC-227WF firmware 5.80 (build 20141010) login mechanism reveals whether a username exists or not by returning different error messages ("Unknown user" vs. "Wrong password"), allowing an attacker to enumerate valid usernames.
Meta Information
Published: 2025-09-29
Last Modified: 2025-11-11
Generated: 2026-05-07
AI Q&A: 2025-09-29
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 2 associated CPEs
Vendor | Product | Version / Range
trivisionsecurity | trivision_nc-227wf_firmware | 5.80
trivisionsecurity | trivision_nc-227wf | *
CWE ID | Description
CWE-204 | The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability affects the Trivision NC-227WF device running firmware 5.80. It arises because the device's web authentication improperly accepts HTTP Basic authentication credentials instead of enforcing HTTP Digest authentication. This allows attackers to bypass authentication and access the web interface and camera streams. Additionally, the device returns different error messages for invalid usernames ('Unknown user') versus incorrect passwords ('Wrong password'), enabling attackers to enumerate valid usernames. [1]


How can this vulnerability impact me?

The vulnerability can lead to unauthorized access to the device's web interface and camera streams. Attackers can enumerate valid usernames, facilitating targeted brute force or credential stuffing attacks. This exposure can compromise device security and privacy by revealing sensitive configuration endpoints and embedded stream credentials. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by attempting to access the device's web interface using HTTP Basic authentication on endpoints protected by Digest authentication. For example, using the curl command:

    curl -u admin:admin http://<device_ip>:20080/en/player/flash_vga.asp

If the device returns the full web interface HTML without triggering a Digest challenge, it indicates the vulnerability. Additionally, observing different login error messages such as "Unknown user" versus "Wrong password" during login attempts can confirm username enumeration. [1]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include enforcing Digest authentication exclusively and rejecting Basic authentication on Digest-protected endpoints, normalizing login error messages to prevent username validity disclosure, rotating any exposed credentials, auditing logs for suspicious activity, restricting management interface access by IP address, and placing the device behind an authenticated gateway. [1]
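
One way to implement the error-message normalization listed above, with a regression check for the CWE-204 discrepancy. This is an added example, not Trivision firmware code; the user store, function names and the generic failure message are assumptions, and only the two leaky messages come from the advisory.

```python
import hashlib
import hmac
import os

# Assumed generic response used for every failed login.
GENERIC_FAILURE = (401, "Invalid username or password")

def _hash(password: str, salt: bytes) -> bytes:
    # Low iteration count keeps the example fast; raise it in real use.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000)

# Constructed sample user store: username -> (salt, password hash).
_SALT = os.urandom(16)
USERS = {"admin": (_SALT, _hash("correct horse", _SALT))}
# Dummy record so unknown usernames cost the same hash work as known ones.
_DUMMY = (os.urandom(16), os.urandom(32))

def login_leaky(username: str, password: str):
    """Behaviour the advisory describes: the message shows which check failed."""
    if username not in USERS:
        return (401, "Unknown user")
    salt, stored = USERS[username]
    if not hmac.compare_digest(_hash(password, salt), stored):
        return (401, "Wrong password")
    return (200, "OK")

def login_normalized(username: str, password: str):
    """Same checks, but one failure response for both causes."""
    salt, stored = USERS.get(username, _DUMMY)
    matches = hmac.compare_digest(_hash(password, salt), stored)
    if username in USERS and matches:
        return (200, "OK")
    return GENERIC_FAILURE

def leaks_username_validity(login, known_user: str, unknown_user: str) -> bool:
    """Regression check: True if failed logins differ for known vs. unknown users."""
    bad = "definitely-not-the-password"
    return login(known_user, bad) != login(unknown_user, bad)
```

Running leaks_username_validity against an authentication handler in a test suite catches a reintroduced message discrepancy before release.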

