CVE-2020-25748
HIGHRubetek RV-3406, RV-3409, and RV-3411 Firmware v342, v339 - Cleartext Transmission of Sensitive Information
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2020-25748. PoCs published by jet-pentest.
AI-analyzed exploit summary This repository contains a writeup describing CVE-2020-25748, a cleartext transmission vulnerability in Rubetek RV-3406, RV-3409, and RV-3411 cameras. The vulnerability allows interception and modification of video data, NTP, and RTSP responses due to unencrypted transmission.
Description
A Cleartext Transmission issue was discovered on Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339). Someone in the middle can intercept and modify the video data from the camera, which is transmitted in an unencrypted form. One can also modify responses from NTP and RTSP servers and force the camera to use the changed values.
Exploits (1)
This repository contains a writeup describing CVE-2020-25748, a cleartext transmission vulnerability in Rubetek RV-3406, RV-3409, and RV-3411 cameras. The vulnerability allows interception and modification of video data, NTP, and RTSP responses due to unencrypted transmission.
References (1)
Scores
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H