# aziot-cctv-cve-2025-50777
# CVE-2025-50777: Root Access and Plaintext Credential Exposure in AZIOT Smart CCTV
## Summary
A local access control vulnerability (**CVE-2025-50777**) has been identified in the firmware of the **AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera** (Firmware Version **V1.00.02**). This flaw allows attackers with **physical or local network access** to gain **unauthorized root shell access** and extract **sensitive credentials stored in plaintext**. The vulnerability was discovered during a security assessment of the device’s firmware.
---
## CVE ID
**CVE-2025-50777** (currently **RESERVED**)
---
## Affected Product
- **Vendor:** AZIOT
- **Product:** 2MP Full HD Smart Wi-Fi CCTV Home Security Camera
- **Firmware Version:** V1.00.02
- **Storage:** 128GB, 1 Channel
---
## Vulnerability Details
During firmware analysis and UART access testing, the following issues were identified:
- Boot-level authentication can be bypassed via the **UART console** because of insecure bootloader settings and init script misconfigurations.
- Once root access is gained, the file system reveals **sensitive credentials in plaintext**, including:
  - **Wi-Fi SSID and password**
  - **ONVIF service authentication credentials**
No encryption, access control, or secure storage mechanisms protect these credentials in the current firmware.
---
## Impact
| Type | Description |
|------------------------|--------------------------------------------------|
| **Access Vector** | Local (via UART interface or firmware extraction) |
| **Privilege Escalation** | Yes – Root shell access is obtained |
| **Information Disclosure** | Yes – Plaintext credentials exposed |
| **Risk Level** | High – Enables full device compromise and lateral movement within the network |
---
## Recommendations
Until a vendor patch is made available, users are advised to:
- Monitor for unusual **ONVIF** or **RTSP** activity
- Disable ONVIF if not used
- Encrypt all sensitive data in storage and transit
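
One way to act on the monitoring recommendation, shown as an added example that is not part of the original advisory: a small detector that reads flow records and flags ONVIF or RTSP connections to the camera from clients outside an allowlist, plus connections the camera itself initiates to other LAN hosts. The log format, all addresses, the allowlist and the ONVIF port (8899) are assumptions; replace them with the values from your own network.

```python
import ipaddress

# Everything below is assumed for illustration: the addresses are
# documentation-range placeholders and the flow-log format is constructed.
CAMERA = ipaddress.ip_address("192.0.2.50")
ALLOWED_CLIENTS = {ipaddress.ip_address("192.0.2.10")}  # e.g. the NVR
GATEWAY = ipaddress.ip_address("192.0.2.1")
LAN = ipaddress.ip_network("192.0.2.0/24")
# RTSP defaults to 554; ONVIF has no single fixed port, 8899 is assumed here.
WATCHED_PORTS = {554: "RTSP", 8899: "ONVIF"}

# Constructed flow records: "timestamp src dst dport proto"
SAMPLE_LOG = """\
2025-07-23T10:00:01Z 192.0.2.10 192.0.2.50 554 tcp
2025-07-23T10:00:05Z 192.0.2.10 192.0.2.50 8899 tcp
2025-07-23T10:02:11Z 192.0.2.77 192.0.2.50 8899 tcp
2025-07-23T10:02:12Z 192.0.2.77 192.0.2.50 554 tcp
2025-07-23T10:05:40Z 192.0.2.50 192.0.2.20 22 tcp
2025-07-23T10:06:00Z 192.0.2.50 192.0.2.1 53 udp
malformed line
"""

def parse(line):
    """Return (ts, src, dst, dport, proto), or None for an unusable line."""
    parts = line.split()
    if len(parts) != 5:
        return None
    ts, src, dst, dport, proto = parts
    try:
        return ts, ipaddress.ip_address(src), ipaddress.ip_address(dst), int(dport), proto
    except ValueError:
        return None

def detect(log_text):
    """Return alert tuples (timestamp, rule, peer address, detail)."""
    alerts = []
    for rec in filter(None, map(parse, log_text.splitlines())):
        ts, src, dst, dport, proto = rec
        if dst == CAMERA and dport in WATCHED_PORTS and src not in ALLOWED_CLIENTS:
            # A client other than the known viewer/NVR is using the camera services.
            alerts.append((ts, "unexpected-client", str(src), WATCHED_PORTS[dport]))
        elif src == CAMERA and dst in LAN and dst != GATEWAY:
            # A camera rarely needs to open connections to other internal hosts.
            alerts.append((ts, "camera-initiated", str(dst), f"{proto}/{dport}"))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(*alert)
```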
---
## Discoverer
**Gadige Veeresh**
Embedded Security Researcher
[LinkedIn](https://linkedin.com/in/veeresh-gadige-001561225)
---
## Disclosure Timeline
| Date | Event |
|---------------|-----------------------------------------------------|
| 2025-04-27 | Vulnerability discovered |
| 2025-04-28 | Responsible disclosure attempt sent to vendor |
| 2025-07-15 | CVE-2025-50777 reserved by MITRE |
| 2025-07-23 | Public disclosure on GitHub |
---
## Reference
- [http://aziot.com](http://aziot.com) – Vendor website
---
## Legal Note
This disclosure is for educational and research purposes only. The author does not assume responsibility for any misuse of this information.