Ivan Nikolsky

**Name of the Vulnerable Software and Affected Versions** Denver SHC-150 Smart Wifi Camera (affected versions not specified) **Description** The Denver SHC-150 Smart Wifi Camera contains a hardcoded telnet credential issue that allows unauthenticated attackers to access a Linux shell. Attackers can connect to port 23 using the default credential to execute arbitrary commands on the camera's operating system. The affected device allows full shell access. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Denver SHO-110 IP cameras (affected versions not specified) **Description** Denver SHO-110 IP cameras have a secondary HTTP service accessible on TCP port 8001. This service provides access to the `/snapshot` endpoint without requiring authentication. An attacker can retrieve image snapshots by directly requesting the `/snapshot` endpoint, potentially reconstructing the camera stream and compromising the confidentiality of the monitored environment. The primary web interface on port 80 enforces authentication, but the backdoor service bypasses this security measure. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.