CVE-2019-25248

HIGH

Beward N100 M2.1.6.04C014 - Info Disclosure

Title source: llm

Description

Beward N100 M2.1.6.04C014 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly retrieve the camera's RTSP stream by exploiting the lack of authentication in the video access mechanism.

Exploits (1)

exploitdb WRITEUP

by LiquidWorm · textwebappshardware

https://www.exploit-db.com/exploits/46317

View Code ZIP pw:eip

References (3)

[Various Sources] https://www.beward.net

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/46317

[Third Party Advisory] https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5509.php

Scores

CVSS v3 7.5

EPSS 0.0016

EPSS Percentile 37.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-306

Status draft

Timeline

Published Dec 24, 2025

Tracked Since Feb 18, 2026