Vatilon-based IP Cameras Authentication Bypass / Credential Exposure

Vatilon-based IP camera firmware contains an authentication bypass and plaintext credential exposure vulnerability in the /cgi-bin/web.cgi API. The web interface processes requests containing username and password parameters in plaintext without validating authentication state or session context,...