| Titre | FNKvision FNK-GU2 Wireless IP Camera Firmware version 40.1.7 and prior On-Chip Debug and Test Interface With Improper Access Control (C |
|---|
| Description | The FNKvision GU2 Wireless IP Camera has an unprotected serial interface accessible on the main PCB. An attacker with physical access can connect to this interface and gain a root shell by providing the username 'root', which bypasses password authentication and provides complete administrative control over the device's operating system. |
|---|
| La source | ⚠️ https://medium.com/@pundhapat/sqli-in-the-cloud-root-on-the-board-a-beginners-journey-into-iot-hacking-06efb2539a21 |
|---|
| Utilisateur | 0xHasta (UID 86257) |
|---|
| Soumission | 02/07/2025 20:19 (il y a 10 mois) |
|---|
| Modérer | 07/07/2025 15:19 (5 days later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 315162 [FNKvision FNK-GU2 jusqu’à 40.1.7 UART Interface Local Privilege Escalation] |
|---|
| Points | 18 |
|---|