CVE-2025-9380 | FNKvision Y215 CCTV Camera 10.194.120.40 Firmware /etc/passwd hard-coded credentials

Inserito da Angelo Barbosa | Ago 23, 2025 | CVE

A vulnerability labeled as problematic has been found in FNKvision Y215 CCTV Camera 10.194.120.40. Affected by this issue is some unknown functionality of the file /etc/passwd of the component Firmware. Such manipulation leads to hard-coded credentials.

This vulnerability is uniquely identified as CVE-2025-9380. Local access is required to approach this attack. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-9380 | FNKvision Y215 CCTV Camera 10.194.120.40 Firmware /etc/passwd hard-coded credentials

Post correlati

CVE-2025-54792 | LocalSend up to 1.17.0 channel accessible (GHSA-424h-5f6m-x63f)

CVE-2025-4407 | ABB Lite Panel Pro up to 1.0.1 session expiration

CVE-2024-22729 | Netis MW5360 1.0.1.3031 Login Page password command injection

CVE-2025-43700 | Salesforce OmniStudio up to Spring 2025 FlexCards permissions