| Title | FNKvision Y215 CCTV Camera 10.194.120.40 SD Card-Triggered Backdoor (Insecure Feature Activation) |
|---|
| Description | The firmware includes undocumented logic that starts the Telnet service when a file named s1_rf_test_config is present on an inserted SD card. Although the service still requires login, the credentials are hardcoded and known. This behavior allows attackers with brief physical access to enable remote administrative interfaces silently, increasing the attack surface. |
|---|
| Source | ⚠️ https://vorachat.somsuay.com/blog/Hacking%20CCTV%20FNKvision%20-%20Y215 |
|---|
| User | Hypernyan (UID 88732) |
|---|
| Submission | 08/06/2025 15:28 (8 months ago) |
|---|
| Moderation | 08/23/2025 17:00 (17 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 321215 [FNKvision Y215 CCTV Camera 10.194.120.40 Telnet Sevice s1_rf_test_config backdoor] |
|---|
| Points | 19 |
|---|