CVE-2017-16566

Name of the Vulnerable Software and Affected Versions Jooan IP Camera A5 version 2.3.36

Description The issue is related to an insecure FTP server that does not require authentication, allowing remote attackers to read or replace core system files, including those used for authentication, such as passwd and shadow. This can be exploited to gain full root-level control of the device.

Recommendations For Jooan IP Camera A5 version 2.3.36, consider disabling the FTP server until a patch is available to prevent unauthorized access. Restrict access to the device to minimize the risk of exploitation. Avoid using the device until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.