Rubetek Rv-3406 Firmware vulnerabilities
3 known vulnerabilities affecting rubetek/rv-3406_firmware.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1
Vulnerabilities
Page 1 of 1
CVE-2020-25749P2CRITICALCVSS 9.8v339v3422020-09-25
CVE-2020-25749 [CRITICAL] CWE-798 CVE-2020-25749: The Telnet service of Rubetek cameras RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342,
The Telnet service of Rubetek cameras RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) could allow an remote attacker to take full control of the device with a high-privileged account. The vulnerability exists because a system account has a default and static password. The Telnet service cannot be disabled and this password can
nvd
CVE-2020-25747P2CRITICALCVSS 9.4v339v3422020-09-25
CVE-2020-25747 [CRITICAL] CWE-306 CVE-2020-25747: The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) c
The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) can allow a remote attacker to gain access to RTSP and ONFIV services without authentication. Thus, the attacker can watch live streams from the camera, rotate the camera, change some settings (brightness, clarity, time), restart the camera, or reset
nvd
CVE-2020-25748P3HIGHCVSS 8.1v339v3422020-09-25
CVE-2020-25748 [HIGH] CWE-319 CVE-2020-25748: A Cleartext Transmission issue was discovered on Rubetek RV-3406, RV-3409, and RV-3411 cameras (firm
A Cleartext Transmission issue was discovered on Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339). Someone in the middle can intercept and modify the video data from the camera, which is transmitted in an unencrypted form. One can also modify responses from NTP and RTSP servers and force the camera to use the changed values
nvd