Published: 25/09/2020 Updated: 21/07/2021

CVSS v2 Base Score: 9 | Impact Score: 8.5 | Exploitability Score: 10

CVSS v3 Base Score: 9.4 | Impact Score: 5.5 | Exploitability Score: 3.9

VMScore: 801

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:C

The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) can allow a remote malicious user to gain access to RTSP and ONFIV services without authentication. Thus, the attacker can watch live streams from the camera, rotate the camera, change some settings (brightness, clarity, time), restart the camera, or reset it to factory settings.

Vulnerable Product	Search on Vulmon	Subscribe to Product
rubetek rv-3406_firmware 339
rubetek rv-3406_firmware 342
rubetek rv-3409_firmware 339
rubetek rv-3409_firmware 342
rubetek rv-3411_firmware 339
rubetek rv-3411_firmware 342

CVE-2020-25747

CVE-2020-25747 [Suggested description] The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) can allow a remote attacker to gain access to RTSP and ONFIV services without authentication Thus, the attacker can watch live streams from the camera, rotate the camera, change some settings (brightness, clarity, time), restart the camera,

CWE-306 https://github.com/jet-pentest/CVE-2020-25747 https://nvd.nist.gov https://github.com/jet-pentest/CVE-2020-25747

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-25747

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect