exploitDog

CVE-2025-50777

Опубликовано: 30 июл. 2025

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

The firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera (version V1.00.02) contains an Incorrect Access Control vulnerability that allows local attackers to gain root shell access. Once accessed, the device exposes critical data including Wi-Fi credentials and ONVIF service credentials stored in plaintext, enabling further compromise of the network and connected systems.

Ссылки

http://aziot.com
Broken Link
https://github.com/veereshgadige/aziot-cctv-cve-2025-50777
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:aziot:2mp_full_hd_smart_wi-fi_cctv_home_security_camera_firmware:1.00.02:*:*:*:*:*:*:*

cpe:2.3:h:aziot:2mp_full_hd_smart_wi-fi_cctv_home_security_camera:-:*:*:*:*:*:*:*

EPSS

Процентиль: 1%

0.0001

Низкий

7.8 High

CVSS3

Дефекты

CWE-284

Связанные уязвимости

GHSA-m2c5-wgww-2xf2

CVSS3: 7.8

github

6 месяцев назад

The firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera (version V1.00.02) contains an Incorrect Access Control vulnerability that allows local attackers to gain root shell access. Once accessed, the device exposes critical data including Wi-Fi credentials and ONVIF service credentials stored in plaintext, enabling further compromise of the network and connected systems.

EPSS

Процентиль: 1%

0.0001

Низкий

7.8 High

CVSS3

Дефекты

CWE-284