Improper access control

2018-12-2118:29:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.5%

JSON

The Floureon IP Camera SP012 provides a root terminal on a UART serial interface without proper access control. This allows attackers with physical access to execute arbitrary commands with root privileges.

References

neolex-security.fr/article/obtenir-un-shell-root-par-les-ports-uart-sur-une-camera-ip-floureon/

neolex-security.fr/blog/7/

neolex-security.fr/blog/8/