PT-2020-20603 · Cacagoo · Cacagoo Cloud Storage Intelligent Camera Tv-288Zd-2Mp

Published

2020-04-02

·

Updated

2021-07-21

·

CVE-2020-9349

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP version 3.4.2.0919
Description The issue allows unauthorized access to the RTSP service without requiring a password.
Recommendations For version 3.4.2.0919, consider disabling the RTSP service until a patch is available to prevent unauthorized access.

Exploit

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2020-9349

Affected Products

Cacagoo Cloud Storage Intelligent Camera Tv-288Zd-2Mp