CVE-2025-65856: CVE-2025-65856

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-65856

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Authentication bypass vulnerability in Xiongmai XM530 IP cameras on Firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06 allows unauthenticated remote attackers to access sensitive device information and live video streams. The ONVIF implementation fails to enforce authentication on 31 critical endpoints, enabling direct unauthorized video stream access.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Xiongmai XM530 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Xiongmai XM530是中国Xiongmai公司的一个视频监控摄像头。 Xiongmai XM530 IP cameras Firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06版本存在安全漏洞，该漏洞源于身份验证绕过，可能导致未经授权的远程攻击者访问敏感设备信息和实时视频流。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2025-65856

#	POC Description	Source Link	Shenlong Link
1	Xiongmai XM530 IP Camera ONVIF Complete Authentication Bypass	https://github.com/LuisMirandaAcebedo/CVE-2025-65856	POC Details
2	Proof-of-concept code (Bash and Python) for CVE-2025-65856 where ONVIF implementation in in Xiongmai XM530 IP cameras allows for unauthenticated access to sensitive device information and live video streams	https://github.com/KostasEreksonas/XM_ONVIF_auth_bypass	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-65856

Please Login to view more intelligence information

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2025-65856

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2025-65856

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-65856

III. Intelligence Information for CVE-2025-65856

IV. Related Vulnerabilities

V. Comments for CVE-2025-65856

Leave a comment