| Titel | Shenzhen Ningyuanda Technology Co., Ltd. TC155 IP Camera Firmware Version 57.0.2.0 Missing Critical Step in Authentication |
|---|
| Beschreibung | The TC155 IP Camera is found to be susceptible to unauthenticated RTSP stream access, enabling adversaries within the same network segment to capture, record, and view the camera’s live video feed.
During an independent audit of the TC155 IP Camera, it was discovered that any adversary within the same network segment can capture, record and view the IP camera’s live video feed without any use of authentication through RTSP. This issue raises a privacy concern that any adversary within the same network can invade physical spaces without complexity. |
|---|
| Quelle | ⚠️ https://github.com/pwnpwnpur1n/IoT-advisories/blob/main/TC155-Unauth-RTSP.md |
|---|
| Benutzer | keroomi (UID 62127) |
|---|
| Einreichung | 05.12.2025 11:42 (vor 6 Monaten) |
|---|
| Moderieren | 15.12.2025 21:39 (10 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 336519 [Ningyuanda TC155 57.0.2.0 RTSP Live Video Stream Endpoint schwache Authentisierung] |
|---|
| Punkte | 20 |
|---|