CVE-2020-25748

Name of the Vulnerable Software and Affected Versions Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339)

Description A Cleartext Transmission issue allows an attacker to intercept and modify video data from the camera, as it is transmitted in an unencrypted form. The attacker can also modify responses from NTP and RTSP servers, forcing the camera to use the changed values. This issue is related to the lack of protection for transmitted data.

Recommendations For firmware versions v342 and v339, consider disabling the transmission of video data until a patch is available to encrypt the data. Restrict access to the camera's network to minimize the risk of exploitation. Avoid using the camera's Wi-Fi functionality until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.