VDB
CVE-2015-8286
CVE-2015-8286
PUBLISHED
CVSS 10 CRITICAL
Zhuhai RaySharp firmware has a hardcoded root password, which makes it easier for remote attackers to obtain access via a session on TCP port 23 or 9000.
EPSS 7.11% · 91.7th percentile
Risk Scores
CVSS 2.0
10
EPSS Score
7.11%
91.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| zhuhai | raysharp_firmware | |
| n/a | n/a | n/a |
Timeline
- Feb 17, 2016 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jun 26, 2023 EPSS Score
- Jul 16, 2023 EPSS Score
References
- http://www.forbes.com/sites/andygreenberg/2013/01/28/more-than-a-dozen-brands-of-security-camera-systems-vulnerable-to-hacker-hijacking/ url
- http://console-cowboys.blogspot.com/2013/01/swann-song-dvr-insecurity.html url
- VU#899080 third-party-advisory
- VU#923388 third-party-advisory
- https://community.rapid7.com/community/metasploit/blog/2013/01/23/ray-sharp-cctv-dvr-password-retrieval-remote-root url
- 20150625 CVE-2015-4464 Insufficient Authorization Checks Request Handling Remote Authentication Bypass for Kguard Digital Video Recorders mailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2015-8286 advisory
- http://www.forbes.com/sites/andygreenberg/2013/01/28/more-than-a-dozen-brands-of-security-camera-systems-vulnerable-to-hacker-hijacking url