PT-2025-38751 · Blackmagic Design · Blackmagic Web Presenter Hd
Published
2025-09-22
·
Updated
2025-10-10
·
CVE-2025-57437
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Blackmagic Web Presenter HD firmware version 3.3
Description
The Blackmagic Web Presenter HD firmware version 3.3 has an unauthenticated Telnet service accessible on port 9977 that exposes sensitive information. Connecting to this service reveals device configuration data, including the model, version, unique identifiers, network settings (IP, MAC, DNS), current stream platform, stream key, and streaming URL. This information could be used to hijack live streams or conduct network reconnaissance.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Blackmagic Web Presenter Hd