| Title | FNKvision FNK-GU2 Wireless IP Camera Firmware version 40.1.7 and prior Use of a Broken or Risky Cryptographic Algorithm (CWE-327) |
|---|
| Description | The FNKvision GU2 Wireless IP Camera stores the root account's password hash in the /etc/shadow file using the MD5-crypt algorithm. This is an outdated and cryptographically weak hashing algorithm that is susceptible to offline cracking. |
|---|
| Source | ⚠️ https://medium.com/@pundhapat/sqli-in-the-cloud-root-on-the-board-a-beginners-journey-into-iot-hacking-06efb2539a21 |
|---|
| User | 0xHasta (UID 86257) |
|---|
| Submission | 07/02/2025 20:26 (10 months ago) |
|---|
| Moderation | 07/07/2025 15:19 (5 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 315163 [FNKvision FNK-GU2 up to 40.1.7 MD5 /etc/shadow risky encryption] |
|---|
| Points | 16 |
|---|