cbcvebase.
CVE-2021-30169
published 2021-04-28

CVE-2021-30169: The sensitive information of webcam device is not properly protected. Remote attackers can unauthentically grant user’s credential.

PriorityP342high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
1.68%
74.0th percentile
The sensitive information of webcam device is not properly protected. Remote attackers can unauthentically grant user’s credential.

Affected

42 ranges· showing 25
VendorProductVersion rangeFixed in
merit_lilin_ent.co_ltdp2_z2_p3_z3_ip_camera_firmwareunspecified – 7.1.94.8908
meritlilinp2g1022_firmware< 7.1.94.89087.1.94.8908
meritlilinp2g1022x_firmware< 7.1.94.89087.1.94.8908
meritlilinp2g1052_firmware< 7.1.94.89087.1.94.8908
meritlilinp2r3022ae2_firmware< 7.1.94.89087.1.94.8908
meritlilinp2r3052ae2_firmware< 7.1.94.89087.1.94.8908
meritlilinp2r6322ae2_firmware< 7.1.94.89087.1.94.8908
meritlilinp2r6322ae4_firmware< 7.1.94.89087.1.94.8908
meritlilinp2r6352ae2_firmware< 7.1.94.89087.1.94.8908
meritlilinp2r6352ae4_firmware< 7.1.94.89087.1.94.8908
meritlilinp2r6522e2_firmware< 7.1.94.89087.1.94.8908
meritlilinp2r6522e4_firmware< 7.1.94.89087.1.94.8908
meritlilinp2r6552e2_firmware< 7.1.94.89087.1.94.8908
meritlilinp2r6552e4_firmware< 7.1.94.89087.1.94.8908
meritlilinp2r6822e2_firmware< 7.1.94.89087.1.94.8908
meritlilinp2r6822e4_firmware< 7.1.94.89087.1.94.8908
meritlilinp2r6852e2_firmware< 7.1.94.89087.1.94.8908
meritlilinp2r6852e4_firmware< 7.1.94.89087.1.94.8908
meritlilinp2r8822e2_firmware< 7.1.94.89087.1.94.8908
meritlilinp2r8822e4_firmware< 7.1.94.89087.1.94.8908
meritlilinp2r8852e2_firmware< 7.1.94.89087.1.94.8908
meritlilinp2r8852e4_firmware< 7.1.94.89087.1.94.8908
meritlilinp3r6322e2_firmware< 7.1.94.89087.1.94.8908
meritlilinp3r6522e2_firmware< 7.1.94.89087.1.94.8908
meritlilinp3r8822e2_firmware< 7.1.94.89087.1.94.8908

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.