CVE-2024-58336
MEDIUMAkuvox S539 Firmware - Missing Authentication
Title source: ruleDescription
Akuvox Smart Intercom S539 contains an unauthenticated vulnerability that allows remote attackers to access live video streams by requesting the video.cgi endpoint on port 8080. Attackers can retrieve video stream data without authentication by directly accessing the specified endpoint on affected Akuvox doorphone and intercom devices.
Scores
CVSS v3
5.3
EPSS
0.0011
EPSS Percentile
29.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Classification
CWE
CWE-306
Status
published
Affected Products (12)
akuvox/s539_firmware
akuvox/s532_firmware
akuvox/x916_firmware
akuvox/x915_firmware
akuvox/x912_firmware
akuvox/r29_firmware
akuvox/r20k-2_firmware
akuvox/r20a-2_firmware
akuvox/c313w-2_firmware
akuvox/ns-2_firmware
akuvox/nc-2_firmware
akuvox/nx-2_firmware
Timeline
Published
Dec 30, 2025
Tracked Since
Feb 18, 2026