PT-2026-50675 · Shenzhen Liandian Communication Technology · V380 Ip Camera / Appfhe1 V1.0.6.0

Published

2026-06-18

Updated

2026-06-18

CVE-2026-12527

CVSS v4.0

6.0

Medium

Vector

AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/S:P/AU:Y/V:C/U:Red

A broken authorization boundary in the RTSP media delivery pipeline of Shenzhen Liandian Communication Technology LTD V380 IP Camera firmware AppFHE1 V1.0.6.020230803 enables unauthenticated network actors to bypass the device’s credential-enforced live-view workflow and directly retrieve real-time video stream data.

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2026-12527

Affected Products

V380 Ip Camera / Appfhe1 V1.0.6.0

PT-2026-50675 · Shenzhen Liandian Communication Technology · V380 Ip Camera / Appfhe1 V1.0.6.0

CVE-2026-12527

Weakness Enumeration

Related Identifiers

Affected Products

References · 2