CVE-2019-10710

Name of the Vulnerable Software and Affected Versions Hisilicon Hi3510 firmware (affected versions not specified)

Description The issue concerns insecure permissions in the Web management portal of IP cameras based on Hisilicon Hi3510 firmware. This allows authenticated attackers to obtain a network's cleartext WiFi credentials by sending a specific HTTP request. The affected devices include various models labeled as HI3510, HI3518, LOOSAFE, LEVCOECAM, Sywstoda, BESDER, WUSONGLUSAN, GADINAN, Unitoptek, ESCAM, etc.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.