Vulnerability Description
An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. The device by default has a TELNET interface available (which is not advertised or functionally used, but is nevertheless available). Two backdoor accounts (root and default) exist that can be used on this interface. The usernames and passwords of the backdoor accounts are the same on all devices. Attackers can use these backdoor accounts to obtain access and execute code as root within the device.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sannce | Smart Hd Wifi Security Camera Ean 2 950004 595317 Firmware | - |
| Sannce | Smart Hd Wifi Security Camera Ean 2 950004 595317 | - |
References
- http://seclists.org/fulldisclosure/2024/Jul/14
- https://www.eurofins-cybersecurity.com/news/connected-devices-baby-monitors-partExploitThird Party Advisory
- https://www.sannce.comVendor Advisory
- http://seclists.org/fulldisclosure/2024/Jul/14
- https://www.eurofins-cybersecurity.com/news/connected-devices-baby-monitors-partExploitThird Party Advisory
- https://www.sannce.comVendor Advisory
FAQ
What is CVE-2019-20467?
CVE-2019-20467 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. The device by default has a TELNET interface available (which is not advertised or functionally used, but i...
How severe is CVE-2019-20467?
CVE-2019-20467 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-20467?
Check the references section above for vendor advisories and patch information. Affected products include: Sannce Smart Hd Wifi Security Camera Ean 2 950004 595317 Firmware, Sannce Smart Hd Wifi Security Camera Ean 2 950004 595317.