Описание
An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices. A vulnerability exists in the RTSP service that allows a remote attacker to take full control of the device with a high-privileged account. By sending a crafted message, an attacker is able to remotely deliver a telnet session. Any attacker that has the ability to control DNS can exploit this vulnerability to remotely login to the device and gain access to the camera system.
Ссылки
- Third Party Advisory
- Product
- Third Party Advisory
- Product
Уязвимые конфигурации
Одновременно
EPSS
7.2 High
CVSS3
9 Critical
CVSS2
Дефекты
Связанные уязвимости
An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices. A vulnerability exists in the RTSP service that allows a remote attacker to take full control of the device with a high-privileged account. By sending a crafted message, an attacker is able to remotely deliver a telnet session. Any attacker that has the ability to control DNS can exploit this vulnerability to remotely login to the device and gain access to the camera system.
EPSS
7.2 High
CVSS3
9 Critical
CVSS2