An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. It is possible (using TELNET without a password) to control the camera's pan/zoom/tilt functionality.
4f111b524e1c6a2c13fe15aeb6f474b251ca164aab9366bbc9c9001930ad89b1[Suggested description]
An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices.
It is possible (using TELNET without a password) to control the camera's
pan/zoom/tilt functionality.
------------------------------------------
[Vulnerability Type]
Incorrect Access Control
------------------------------------------
[Vendor of Product]
Sannce
------------------------------------------
[Affected Product Code Base]
Sannce Smart HD Wifi Security Camera - EAN nr: 2 950004 595317
------------------------------------------
[Affected Component]
Videostream of camera
------------------------------------------
[Attack Type]
Remote
------------------------------------------
[Impact Escalation of Privileges]
true
------------------------------------------
[Impact Information Disclosure]
true
------------------------------------------
[Attack Vectors]
An attacker simply needs to be able to connect to the device over the network.
------------------------------------------
[Has vendor confirmed or acknowledged the vulnerability?]
true
------------------------------------------
[Discoverer]
Willem Westerhof, Jasper Nota, Martijn Baalman from Qbit cyber security in cooperation with the Dutch Consumer organisation.
------------------------------------------
[Reference]
https://www.sannce.com
Use CVE-2019-20465.
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed