Vulnerability CVE-2019-12920
Published: 2019-06-20

Description:
On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices, an attacker on the network can login remotely to the camera and gain root access. The device ships with a hardcoded 12345678 password for the root account, accessible from a TELNET login prompt.

Type:

CWE-798

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Cylan -> Clever dog smart camera panorama dog-2w firmware 
Cylan -> Clever dog smart camera plus dog-2w-v4 firmware 

 References:
https://www.exploit-db.com/exploits/46993
Copyright 2024, cxsecurity.com

 

Back to Top