8.1
CVSSv3

CVE-2020-25748

Published: 25/09/2020 Updated: 08/10/2020
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

A Cleartext Transmission issue exists on Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339). Someone in the middle can intercept and modify the video data from the camera, which is transmitted in an unencrypted form. One can also modify responses from NTP and RTSP servers and force the camera to use the changed values.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

rubetek rv-3406_firmware 339

rubetek rv-3406_firmware 342

rubetek rv-3409_firmware 339

rubetek rv-3409_firmware 342

rubetek rv-3411_firmware 339

rubetek rv-3411_firmware 342

Github Repositories

CVE-2020-25748

CVE-2020-25748 [Suggested description] A Cleartext Transmission issue was discovered on Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) Someone in the middle can intercept and modify the video data from the camera, which is transmitted in an unencrypted form One can also modify responses from NTP and RTSP servers and force the camera to use the ch