Submit #629812: FNKvision Y215 CCTV Camera 10.194.120.40 SD Card-Triggered Backdoor (Insecure Feature Activation)info

TitelFNKvision Y215 CCTV Camera 10.194.120.40 SD Card-Triggered Backdoor (Insecure Feature Activation)
BeschreibungThe firmware includes undocumented logic that starts the Telnet service when a file named s1_rf_test_config is present on an inserted SD card. Although the service still requires login, the credentials are hardcoded and known. This behavior allows attackers with brief physical access to enable remote administrative interfaces silently, increasing the attack surface.
Quelle⚠️ https://vorachat.somsuay.com/blog/Hacking%20CCTV%20FNKvision%20-%20Y215
Benutzer
 Hypernyan (UID 88732)
Einreichung06.08.2025 15:28 (vor 11 Monaten)
Moderieren23.08.2025 17:00 (17 days later)
StatusAkzeptiert
VulDB Eintrag321215 [FNKvision Y215 CCTV Camera 10.194.120.40 Telnet Sevice s1_rf_test_config erweiterte Rechte]
Punkte19

Do you know our Splunk app?

Download it now for free!