Tj-Oconnor

**Name of the Vulnerable Software and Affected Versions** NightOwl WDB-20-V2 version WDB-20-V2 20190314 **Description** The issue allows an unauthenticated user to gain access to snapshots and video streams from the doorbell. The binary app offers a web server on port 80 that allows an unauthenticated user to take a snapshot from the doorbell camera via the "/snapshot" URI. **Recommendations** For NightOwl WDB-20-V2 version WDB-20-V2 20190314, as a temporary workaround, consider restricting access to the "/snapshot" URI until a patch is available. Avoid using the web server on port 80 to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.