CVE-2015-2887

Name of the Vulnerable Software and Affected Versions iBaby M3S (affected versions not specified)

Description The issue is related to the presence of a pre-installed admin account with a default password admin in the iBaby M3S wireless video camera. This allows a remote attacker to gain administrator access to the device via Telnet or UART by entering the pre-set admin password.

Recommendations For iBaby M3S, consider changing the default admin password to a strong, unique password to prevent unauthorized access. As a temporary workaround, restrict access to Telnet and UART interfaces until a more permanent solution is available. Avoid using the default admin account until the issue is resolved, and instead create a new admin account with a secure password.