PT-2026-21788 · Tattile · Tattile Smart++2
Gjoko Krstic
·
Publicado
2026-02-24
·
Atualizado
2026-02-26
·
CVE-2026-26340
CVSS v4.0
8.7
Alta
| Vetor | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Tattile Smart+ versions prior to 1.181.6
Tattile Vega versions prior to 1.181.6
Tattile Basic versions prior to 1.181.6
Description
The firmware on Tattile Smart+, Vega, and Basic device families, versions 1.181.5 and earlier, allows unauthorized access to Real Time Streaming Protocol (RTSP) streams. An attacker can connect to the RTSP service without providing valid credentials and access live video and audio feeds, leading to the disclosure of surveillance data.
Recommendations
Update Tattile Smart+ to a version later than 1.181.5.
Update Tattile Vega to a version later than 1.181.5.
Update Tattile Basic to a version later than 1.181.5.
Exploit
Correção
Missing Authentication
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Tattile Basic
Tattile Smart+
Tattile Vega