Security Advisory

CVE-2020-29000

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-01-26 01:24:59
Last updated 2024-08-04 16:48:01
Assigner mitre
State PUBLISHED

Description

An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices. A vulnerability exists in the RTSP service that allows a remote attacker to take full control of the device with a high-privileged account. By sending a crafted message, an attacker is able to remotely deliver a telnet session. Any attacker that has the ability to control DNS can exploit this vulnerability to remotely login to the device and gain access to the camera system.