CVE-2025-62674

The affected product allows unauthenticated access to Real Time Streaming Protocol RTSP services, which may allow an attacker unauthorized access to camera configuration information...

CVE-2025-62674

The CVE-2025-62674 issue concerns iCam365 P201 and iCam365 QC021 network cameras. The vulnerability allows unauthenticated access to RTSP services, which may enable an attacker to retrieve camera configuration information. The information in the connected documents indicates this affects RTSP/ONV...

CVE-2025-62674 Missing Authentication for RTSP in iCam Cameras

The affected product allows unauthenticated access to Real Time Streaming Protocol RTSP services, which may allow an attacker unauthorized access to camera configuration information...

CVE-2025-62674 Missing Authentication for RTSP in iCam Cameras

The affected product allows unauthenticated access to Real Time Streaming Protocol RTSP services, which may allow an attacker unauthorized access to camera configuration information...

CVE-2025-64770

CVE-2025-64770 involves unauthenticated access to ONVIF services in affected iCam365 network cameras (e.g., iCam365 P201 and P201 QC021), potentially exposing camera configuration information. The Red Hat and EUVD entries mirror the same description. No concrete patch/version or remediation is sp...

CVE-2025-64770 Missing Authentication for ONVIF in iCam Cameras

The affected products allow unauthenticated access to Open Network Video Interface Forum ONVIF services, which may allow an attacker unauthorized access to camera configuration information...

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-324-01 Automated Logic WebCTRL Premium Server ICSA-25-324-02 ICAM365 CCTV Camera Multiple Models...

ICAM365 CCTV Camera Multiple Models

RISK EVALUATION Successful exploitation of these vulnerabilities could result in unauthorized exposure of camera video streams and camera configuration data. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such...

iCam365 P201和iCam365 QC021 访问控制错误漏洞

The iCam365 P201 and iCam365 QC021 are both a network surveillance camera from the Chinese company iCam365. An access control error vulnerability exists in the iCam365 P201 and iCam365 QC021 that stems from the product allowing unauthenticated access to the RTSP service, which could lead to...

iCam365 P201和iCam365 QC021 访问控制错误漏洞

The iCam365 P201 and iCam365 QC021 are both a network surveillance camera from the Chinese company iCam365. An access control error vulnerability exists in the iCam365 P201 and iCam365 QC021, which stems from unauthenticated access to the ONVIF service and could lead to unauthorized access to...

PT-2025-47630

Name of the Vulnerable Software and Affected Versions Net devices affected versions not specified Description The affected products allow unauthenticated access to Open Network Video Interface Forum ONVIF services. This may allow an attacker unauthorized access to camera configuration information...

PT-2025-47628

Name of the Vulnerable Software and Affected Versions versions affected versions not specified Description The product allows unauthenticated access to Real Time Streaming Protocol RTSP services, potentially granting an attacker unauthorized access to camera configuration information. Real Time...

Vivotek Camera 安全漏洞

Vivotek Camera is a webcam from China VIVOTEK Communications Vivotek. A security vulnerability exists in Vivotek Camera that stems from the firmware using default credentials to log into the root and user accounts...

CVE-2021-4469

Denver SHO-110 IP cameras expose a secondary HTTP service on TCP port 8001 that provides access to a '/snapshot' endpoint without authentication. While the primary web interface on port 80 enforces authentication, the backdoor service allows any remote attacker to retrieve image snapshots by...

CVE-2021-4468

PLANEX CS-QP50F-ING2 smart cameras expose a configuration backup interface over HTTP that does not require authentication. A remote, unauthenticated attacker can directly retrieve a compressed configuration backup file from the device. The backup contains sensitive configuration information,...

CVE-2021-4469 Denver SHO-110 IP Camera Unauthenticated Snapshot Access

Denver SHO-110 IP cameras expose a secondary HTTP service on TCP port 8001 that provides access to a '/snapshot' endpoint without authentication. While the primary web interface on port 80 enforces authentication, the backdoor service allows any remote attacker to retrieve image snapshots by...

CVE-2021-4469

CVE-2021-4469 : Denver SHO-110 IP cameras expose a secondary HTTP service on port 8001 with an unauthenticated /snapshot endpoint. While port 80 requires authentication, the backdoor service allows remote attackers to fetch snapshots directly, enabling repeated collection and potential reconstruc...

CVE-2021-4469 Denver SHO-110 IP Camera Unauthenticated Snapshot Access

Denver SHO-110 IP cameras expose a secondary HTTP service on TCP port 8001 that provides access to a '/snapshot' endpoint without authentication. While the primary web interface on port 80 enforces authentication, the backdoor service allows any remote attacker to retrieve image snapshots by...

EUVD-2021-34716

Denver SHO-110 IP cameras expose a secondary HTTP service on TCP port 8001 that provides access to a '/snapshot' endpoint without authentication. While the primary web interface on port 80 enforces authentication, the backdoor service allows any remote attacker to retrieve image snapshots by...

CVE-2021-4468

PLANEX CS-QP50F-ING2 smart cameras expose a configuration backup interface over HTTP that does not require authentication. A remote, unauthenticated attacker can retrieve a compressed configuration backup file, which contains credentials and enables administrative access, compromising confidentia...