PT-2025-48192 · Escam · Escam Qd-900 Wifi Hd Cameras
Todor Donev
·
Publicado
2025-11-26
·
Atualizado
2025-11-29
·
CVE-2020-36871
CVSS v4.0
8.7
Alta
| Vetor | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
ESCAM QD-900 WIFI HD cameras (affected versions not specified)
Description
ESCAM QD-900 WIFI HD cameras have an unauthenticated configuration disclosure issue in the
/web/cgi-bin/hi3510/backup.cgi endpoint. This endpoint allows remote download of a compressed configuration backup without authentication or authorization. The exposed backup may contain administrative credentials and other sensitive device settings, potentially enabling an unauthenticated remote attacker to gain information that could compromise the camera or connected network.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Missing Authentication
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Escam Qd-900 Wifi Hd Cameras