Details of VAR-201602-0184

ID

VAR-201602-0184

CVE

CVE-2015-8286

TITLE

Swann SRNVW-470 allows unauthorized access to video stream and contains a hard-coded password

Trust: 0.8

sources: CERT/CC: VU#923388

DESCRIPTION

Zhuhai RaySharp firmware has a hardcoded root password, which makes it easier for remote attackers to obtain access via a session on TCP port 23 or 9000. Swann network video recorder (NVR) devices contain a hard-coded password and do not require authentication to view the video feed when accessing from specific URLs. Digital Video Recorders (DVRs), security cameras, and possibly other devices from multiple vendors use a firmware derived from Zhuhai RaySharp that contains a hard-coded root password. Zhuhai Allianz Technology Co., Ltd. Zhuhai Allianz Technology Co., Ltd

Trust: 3.69

sources: NVD: CVE-2015-8286 // CERT/CC: VU#923388 // CERT/CC: VU#899080 // JVNDB: JVNDB-2016-001610 // CNVD: CNVD-2016-01417 // VULHUB: VHN-86247

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-01417

AFFECTED PRODUCTS

vendor:	zhuhai	model:	raysharp	scope:	eq	version:	*	Trust: 1.0
vendor:	swann	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	zhuhai raysharp	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	zhuhai raysharp	model:	zhuhai raysharp	scope:	-	version:	-	Trust: 0.8
vendor:	zhuhai anlian ruishi	model:	raysharp for dvrs	scope:	-	version:	-	Trust: 0.6
vendor:	zhuhai	model:	raysharp	scope:	-	version:	-	Trust: 0.6

sources: CERT/CC: VU#899080 // CNVD: CNVD-2016-01417 // JVNDB: JVNDB-2016-001610 // CNNVD: CNNVD-201602-349 // NVD: CVE-2015-8286

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-8286
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2015-8286
value:	HIGH
Trust: 0.8
IPA:	JVNDB-2016-001610
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2016-01417
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201602-349
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-86247
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2015-8286
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	CVE-2015-8286
severity:	HIGH
baseScore:	10.0
vectorString:	NONE
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
IPA:	JVNDB-2016-001610
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2016-01417
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-86247
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2015-8286
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.0

sources: CERT/CC: VU#899080 // CNVD: CNVD-2016-01417 // VULHUB: VHN-86247 // JVNDB: JVNDB-2016-001610 // CNNVD: CNNVD-201602-349 // NVD: CVE-2015-8286

PROBLEMTYPE DATA

problemtype:	CWE-254	Trust: 1.1
problemtype:	CWE-Other	Trust: 0.8

sources: VULHUB: VHN-86247 // JVNDB: JVNDB-2016-001610 // NVD: CVE-2015-8286

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201602-349

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201602-349

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-001610

EXPLOIT AVAILABILITY

sources: CERT/CC: VU#899080

PATCH

title:

Homepage

url:

http://raysharp.manufacturer.globalsources.com/si/6008826226857/Homepage.htm

Trust: 0.8

sources: JVNDB: JVNDB-2016-001610

EXTERNAL IDS

db:	CERT/CC	id:	VU#899080	Trust: 3.9
db:	CERT/CC	id:	VU#923388	Trust: 3.3
db:	NVD	id:	CVE-2015-8286	Trust: 3.1
db:	JVN	id:	JVNVU99656630	Trust: 0.8
db:	JVN	id:	JVNVU90746018	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-001610	Trust: 0.8
db:	BID	id:	83294	Trust: 0.6
db:	CNVD	id:	CNVD-2016-01417	Trust: 0.6
db:	CNNVD	id:	CNNVD-201602-349	Trust: 0.6
db:	VULHUB	id:	VHN-86247	Trust: 0.1

sources: CERT/CC: VU#923388 // CERT/CC: VU#899080 // CNVD: CNVD-2016-01417 // VULHUB: VHN-86247 // JVNDB: JVNDB-2016-001610 // CNNVD: CNNVD-201602-349 // NVD: CVE-2015-8286

REFERENCES

url:	http://seclists.org/bugtraq/2015/jun/117	Trust: 3.1
url:	http://www.kb.cert.org/vuls/id/899080	Trust: 3.1
url:	http://www.forbes.com/sites/andygreenberg/2013/01/28/more-than-a-dozen-brands-of-security-camera-systems-vulnerable-to-hacker-hijacking/	Trust: 2.5
url:	http://console-cowboys.blogspot.com/2013/01/swann-song-dvr-insecurity.html	Trust: 2.5
url:	http://www.kb.cert.org/vuls/id/923388	Trust: 2.5
url:	https://community.rapid7.com/community/metasploit/blog/2013/01/23/ray-sharp-cctv-dvr-password-retrieval-remote-root	Trust: 1.7
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8286	Trust: 1.4
url:	about vulnerability notes	Trust: 0.8
url:	contact us about this vulnerability	Trust: 0.8
url:	provide a vendor statement	Trust: 0.8
url:	https://www.riskbasedsecurity.com/research/rbs-2016-001.pdf	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8286	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu99656630	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu90746018	Trust: 0.8
url:	http://www.forbes.com/sites/andygreenberg/2013/01/28/more-than-a-dozen-brands-of-security-camera-systems-vulnerable-to-hacker-hijacking/#7b804d534fd2	Trust: 0.6
url:	http://www.freebuf.com/news/7154.html	Trust: 0.6

SOURCES

db:	CERT/CC	id:	VU#923388
db:	CERT/CC	id:	VU#899080
db:	CNVD	id:	CNVD-2016-01417
db:	VULHUB	id:	VHN-86247
db:	JVNDB	id:	JVNDB-2016-001610
db:	CNNVD	id:	CNNVD-201602-349
db:	NVD	id:	CVE-2015-8286

LAST UPDATE DATE

2025-04-13T23:25:10.571000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#923388	date:	2016-02-17T00:00:00
db:	CERT/CC	id:	VU#899080	date:	2016-02-19T00:00:00
db:	CNVD	id:	CNVD-2016-01417	date:	2016-03-03T00:00:00
db:	VULHUB	id:	VHN-86247	date:	2016-03-07T00:00:00
db:	JVNDB	id:	JVNDB-2016-001610	date:	2016-04-05T00:00:00
db:	CNNVD	id:	CNNVD-201602-349	date:	2016-02-19T00:00:00
db:	NVD	id:	CVE-2015-8286	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#923388	date:	2016-02-17T00:00:00
db:	CERT/CC	id:	VU#899080	date:	2016-02-17T00:00:00
db:	CNVD	id:	CNVD-2016-01417	date:	2016-02-18T00:00:00
db:	VULHUB	id:	VHN-86247	date:	2016-02-18T00:00:00
db:	JVNDB	id:	JVNDB-2016-001610	date:	2016-03-08T00:00:00
db:	CNNVD	id:	CNNVD-201602-349	date:	2016-02-19T00:00:00
db:	NVD	id:	CVE-2015-8286	date:	2016-02-18T05:59:00.200