CVE-2025-9983

Vulnerability Description

GALAYOU G2 cameras stream video output via RTSP streams. By default these streams are protected by randomly generated credentials. However these credentials are not required to access the stream. Changing these values does not change camera's behavior. The vendor did not respond in any way. Only version 11.100001.01.28 was tested, other versions might also be vulnerable.

Related Weaknesses (CWE)

CWE-306

References

https://cert.pl/en/posts/2025/09/CVE-2025-9983
https://www.galayou-store.com/g2

FAQ

What is CVE-2025-9983?

CVE-2025-9983 is a documented vulnerability. GALAYOU G2 cameras stream video output via RTSP streams. By default these streams are protected by randomly generated credentials. However these credentials are not required to access the stream. Chan...

How severe is CVE-2025-9983?

CVSS scoring is not yet available for CVE-2025-9983. Check NVD for updates.

Is there a patch for CVE-2025-9983?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.