PT-2020-6275 · Rubetek · Rv-3406+2
Sergey Zelensky · Published 2020-09-25 · Updated 2021-07-21 · CVE-2020-25747
CVSS v2.0: 9.7 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:P/A:C
Name of the Vulnerable Software and Affected Versions
Rubetek RV-3406, RV-3409, and RV-3411 (affected versions not specified)
Description
The issue is related to insufficient authentication in the Telnet service of the Wi-Fi camera's firmware, allowing a remote attacker to gain unauthorized access to RTSP and ONVIF services. This access enables the attacker to watch live streams from the camera, change camera settings, rotate the camera, restart it, or reset it to factory settings.
Recommendations
For Rubetek RV-3406, RV-3409, and RV-3411, to prevent unauthorized access, consider disabling the Telnet service until a patch is available.
Restrict access to RTSP and ONVIF services to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Improper Authentication
Missing Authentication
Related Identifiers
Affected Products
Rv-3406
Rv-3409
Rv-3411