Published: 17/11/2010 Updated: 10/10/2018

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

The Linux installation on the Camtron CMNC-200 Full HD IP Camera and TecVoz CMNC-200 Megapixel IP Camera with firmware 1.102A-008 has a default password of m for the root account, and a default password of merlin for the mg3500 account, which makes it easier for remote malicious users to obtain access via the TELNET interface.

Vulnerable Product	Search on Vulmon	Subscribe to Product
camtron cmnc-200_firmware 1.102a-008
camtron cmnc-200
tecvoz cmnc-200_firmware 1.102a-008
tecvoz cmnc-200

Finding 4: Undocumented Default Accounts CVE: CVE-2010-4233 The CMNC-200 IP Camera has undocumented default accounts on its Linux operating system These accounts can be used to login via the cameras telnet interface, which cannot be normally disabled The usernames and passwords are listed below User: root Password: m User: mg3500 Passwor ...

The Camtron CMNC-200 IP Camera suffers from buffer overflow, administrative bypass, default account and directory traversal vulnerabilities ...

CWE-255 https://www.trustwave.com/spiderlabs/advisories/TWSL2010-006.txt http://www.exploit-db.com/exploits/15507 http://www.securityfocus.com/archive/1/514753/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/15507/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-4233

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect