CVE-2020-25747 PoC: authorization issue vulnerability in multiple Rubetek products

Source
Associated Vulnerability
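Title: Authorization issue vulnerability in multiple Rubetek products (CVE-2020-25747)
Description: The Rubetek RV-3406 and related cameras are products of the Russian company Rubetek. The Rubetek RV-3406 is a camera. The Rubetek RV-3409 is a video camera. The Rubetek RV-3411 is a video camera. A security vulnerability exists in the telnet service of Rubetek cameras. An attacker can exploit it to remotely access the RTSP and ONVIF services without authentication, watch live streams from the camera, rotate the camera, change some settings (brightness, clarity, time), restart the camera, or reset it to factory settings. The following versions and products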
Description
CVE-2020-25747
Readme
## CVE-2020-25747

[Suggested description]
The Telnet service of Rubetek RV-3406, RV-3409, and
RV-3411 cameras (firmware versions v342, v339) can allow a remote
attacker to gain access to RTSP and ONVIF services without
authentication. Thus, the attacker can watch live streams from the
camera, rotate the camera, change some settings (brightness, clarity,
time), restart the camera, or reset it to factory
settings.
------------------------------------------
[Additional Information]
A letter was sent to the vendor about the vulnerability.
------------------------------------------
[Vulnerability Type]
Incorrect Access Control
------------------------------------------
[Vendor of Product]
Rubetek (https://rubetek.com/)
------------------------------------------
[Affected Product Code Base]
Camera RV-3406 - Firmware version 339 and 342 are affected. There are no fixed versions
Camera RV-3409 - Firmware version 339 and 342 are affected. There are no fixed versions
Camera RV-3411 - Firmware version 339 and 342 are affected. There are no fixed versions
------------------------------------------
[Affected Component]
ONVIF-service, RTSP-service
------------------------------------------
[Attack Type]
Remote
------------------------------------------
[Impact Denial of Service]
true
------------------------------------------
[Impact Information Disclosure]
true
------------------------------------------
[CVE Impact Other]
Through the ONVIF service it is possible to move the camera and change some settings (brightness, clarity, time), restart the device, and trigger a reset to factory settings.
------------------------------------------
[Attack Vectors]
Anyone with network access to the camera can connect to ONVIF and RTSP services without using authentication.
------------------------------------------
[Discoverer]
Sergey Zelensky (Jet Infosystems, jet.su)
------------------------------------------
[Reference]
https://jet.su