CVE-2025-65856

CRITICAL

Xiongmai XM530 IP Cameras V5.00.R02.000807D8.10010.346624.S.ONVIF - Unauthenticated Sensitive Information Exposure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2025-65856. PoCs published by LuisMirandaAcebedo, KostasEreksonas.

AI-analyzed exploit summary This repository contains a detailed writeup for CVE-2025-65856, an authentication bypass vulnerability in Xiongmai XM530 IP cameras. The vulnerability allows unauthenticated access to sensitive ONVIF endpoints, enabling remote attackers to retrieve device information, configurations, and video streams.

Description

Authentication bypass vulnerability in Xiongmai XM530 IP cameras on Firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06 allows unauthenticated remote attackers to access sensitive device information and live video streams. The ONVIF implementation fails to enforce authentication on 31 critical endpoints, enabling direct unauthorized video stream access.

Exploits (2)

nomisec WRITEUP 2 stars
by LuisMirandaAcebedo · poc
https://github.com/LuisMirandaAcebedo/CVE-2025-65856

This repository contains a detailed writeup for CVE-2025-65856, an authentication bypass vulnerability in Xiongmai XM530 IP cameras. The vulnerability allows unauthenticated access to sensitive ONVIF endpoints, enabling remote attackers to retrieve device information, configurations, and video streams.

Classification
Writeup 100%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Xiongmai XM530 IP Camera (Firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06)
No auth needed
Prerequisites: Network access to the vulnerable device
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC
by KostasEreksonas · poc
https://github.com/KostasEreksonas/XM_ONVIF_auth_bypass

This repository contains a proof-of-concept exploit for CVE-2025-65856, an ONVIF authentication bypass vulnerability affecting XM 530 IP cameras. The exploit includes both shell scripts and Python code to interact with the camera's ONVIF services without authentication.

Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: XM 530 IP cameras
No auth needed
Prerequisites: Network access to the target camera · ONVIF services exposed on port 8899
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Not Applicable
http://hangzhou.com
Not Applicable
http://ip.com

Scores

CVSS v3 9.8
EPSS 0.0085
EPSS Percentile 53.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-306
Status published
Products (1)
xiongmaitech/xm530v200_x6-weq_8m_firmware 5.00.r02.000807d8.10010.346624.s.onvif_21.06
Published Dec 22, 2025
Tracked Since Feb 18, 2026