| Titre | FNKvision FNK-GU2 Wireless IP Camera Firmware version 40.1.7 and prior Clear-text Storage of Sensitive Information (CWE-312) |
|---|
| Description | The FNKvision GU2 Wireless IP Camera stores the wireless network credentials (SSID and password) in a plaintext configuration file on the filesystem. An attacker with root access, obtainable via the unprotected serial interface, can read this file and retrieve the Wi-Fi credentials, potentially allowing them to compromise the local network. |
|---|
| La source | ⚠️ https://medium.com/@pundhapat/sqli-in-the-cloud-root-on-the-board-a-beginners-journey-into-iot-hacking-06efb2539a21 |
|---|
| Utilisateur | 0xHasta (UID 86257) |
|---|
| Soumission | 02/07/2025 20:30 (il y a 10 mois) |
|---|
| Modérer | 07/07/2025 15:19 (5 days later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 315164 [FNKvision FNK-GU2 jusqu’à 40.1.7 /rom/wpa_supplicant.conf chiffrement faible] |
|---|
| Points | 18 |
|---|