cbcvebase.
CVE-2020-25748
published 2020-09-25

CVE-2020-25748: A Cleartext Transmission issue was discovered on Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339). Someone in the middle can…

PriorityP339high8.1CVSS 3.1
AVNACHPRNUINSUCHIHAH
EPSS
0.84%
53.3th percentile
A Cleartext Transmission issue was discovered on Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339). Someone in the middle can intercept and modify the video data from the camera, which is transmitted in an unencrypted form. One can also modify responses from NTP and RTSP servers and force the camera to use the changed values.

Affected

6 ranges
VendorProductVersion rangeFixed in
rubetekrv-3406_firmware
rubetekrv-3406_firmware
rubetekrv-3409_firmware
rubetekrv-3409_firmware
rubetekrv-3411_firmware
rubetekrv-3411_firmware

CVSS provenance

nvdv3.18.1HIGHCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.