| Título | FNKvision Y215 CCTV Camera 10.194.120.40 SD Card-Triggered Backdoor (Insecure Feature Activation) |
|---|
| Descrição | The firmware includes undocumented logic that starts the Telnet service when a file named s1_rf_test_config is present on an inserted SD card. Although the service still requires login, the credentials are hardcoded and known. This behavior allows attackers with brief physical access to enable remote administrative interfaces silently, increasing the attack surface. |
|---|
| Fonte | ⚠️ https://vorachat.somsuay.com/blog/Hacking%20CCTV%20FNKvision%20-%20Y215 |
|---|
| Utilizador | Hypernyan (UID 88732) |
|---|
| Submissão | 06/08/2025 15h28 (há 11 meses) |
|---|
| Moderação | 23/08/2025 17h00 (17 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 321215 [FNKvision Y215 CCTV Camera 10.194.120.40 Telnet Sevice s1_rf_test_config Elevação de Privilégios] |
|---|
| Pontos | 19 |
|---|