CVE-2022-38970

Name of the Vulnerable Software and Affected Versions ieGeek IG20 hipcam RealServer version V1.0

Description The algorithm used to generate device IDs (UIDs) for devices that utilize Shenzhen Yunni Technology iLnkP2P suffers from a predictability flaw, allowing remote attackers to establish direct connections to arbitrary devices. This issue is related to Incorrect Access Control.

Recommendations For ieGeek IG20 hipcam RealServer version V1.0, consider restricting access to the device until a patch is available to mitigate the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.