Soumettre #707197: Shenzhen Ningyuanda Technology Co., Ltd. TC155 IP Camera Firmware version: 57.0.2.0 Unauthenticated Hard Reset via ONVIF SetSystemFactoryDefaultinformation

TitreShenzhen Ningyuanda Technology Co., Ltd. TC155 IP Camera Firmware version: 57.0.2.0 Unauthenticated Hard Reset via ONVIF SetSystemFactoryDefault
DescriptionThe TC155 IP Camera exposes the ONVIF Device Management service without authentication. An attacker on the local network can invoke the SetSystemFactoryDefault action with FactoryDefault=Hard, resulting in a full factory reset, loss of configuration, and temporary loss of availability. No credentials are required.
La source⚠️ https://github.com/pwnpwnpur1n/IoT-advisories/blob/main/TC155-Unauth-Hard-Reset.md
Utilisateur
 keroomi (UID 62127)
Soumission05/12/2025 11:49 (il y a 7 mois)
Modérer15/12/2025 21:39 (10 days later)
StatutAccepté
Entrée VulDB336521 [Ningyuanda TC155 57.0.2.0 ONVIF Device Management Service /onvif/device_service FactoryDefault élévation de privilèges]
Points18

PrécédentAperçuSuivant

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!