PT-2020-19265 · Cacagoo · Cacagoo Cloud Storage Intelligent Camera Tv-288Zd-2Mp
Published
2020-04-02
·
Updated
2021-07-21
·
CVE-2020-6852
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP version 3.4.2.0919
Description
The issue is related to weak authentication of TELNET access, allowing root privileges without any password required.
Recommendations
For version 3.4.2.0919, consider disabling TELNET access until a patch is available to prevent unauthorized root access.
Exploit
Fix
Improper Restriction of Excessive Authentication Attempts
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cacagoo Cloud Storage Intelligent Camera Tv-288Zd-2Mp