CVE proof of concept regarding the CVE-2025-45619 vulnerabillity.**Issue details**
Camera model PTC310UV2 running firmware version 0.1.0000.59. The vulnerability is found in the web interface that is used to access the camera. The vulnerability was found during a penetration test, thus, certain information in the PoC screenshots have been redacted.
**Description**
This disclosure contains two vulnerabilities that has been identified in the AVer firmware login web interface. It should be noted that I am not very familiar with any of your products, meaning that some terms might not be used correctly. CVE-2025-45619 is the first of two vulnerabilities found during this investigation. The second vulnerability can be found here: https://github.com/weedl/CVE-2025-45620/tree/main
CVE-2025-45619 relates to open endpoints on the host. One of these endpoints exposes the valid login credentials for the administrator user on the device. More precisely the endpoint found at “https://[ipaddr]/action?get=acc” exposes valid login credentials in the tested version. The attached screenshot displays the issue:
<img width="1000" alt="bilde" src="https://github.com/user-attachments/assets/fe0b8ed5-3a15-41b8-80c5-455f9b401197" />
These credentials should not be stored on an open endpoint, moreover, they should not be stored in plaintext either. There may be other sensitive data stored on these endpoints, though, these have not been assessed in this investigation. I would suggest anyone with these systems in their environment to go over the endpoints, and should consider restricting access to them.
[4.0K] /data/pocs/8957b0b5ed55e8c2089616f598e0a7d57e650a0f
└── [1.5K] README.md
0 directories, 1 file