Sign-up

ID

VAR-202102-0064


CVE

CVE-2020-11915


TITLE

Svakom Siime Eye  Vulnerability in resetting resources to unsafe default values in

Trust: 0.8

sources: JVNDB: JVNDB-2020-015971

DESCRIPTION

An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. By sending a set_params.cgi?telnetd=1&save=1&reboot=1 request to the webserver, it is possible to enable the telnet interface on the device. The telnet interface can then be used to obtain access to the device with root privileges via a reecam4debug default password. This default telnet password is the same across all Siime Eye devices. In order for the attack to be exploited, an attacker must be physically close in order to connect to the device's Wi-Fi access point. Svakom Siime Eye There is a vulnerability in the initialization of resources to insecure default values.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. ------------------------------------------ [Additional Information] The vulnerability was first discovered by Pentest Partners, later on it was also discovered by Qbit as the issues remain unaddressed by the vendor. default telnet password is the same across all Siime Eye devices and possibly even across all devices created by this developer ------------------------------------------ [Vulnerability Type] Incorrect Access Control ------------------------------------------ [Vendor of Product] Svakom ------------------------------------------ [Affected Product Code Base] Siime Eye - 14.1.00000001.3.330.0.0.3.14 ------------------------------------------ [Affected Component] Siime Eye device ------------------------------------------ [Attack Type] Physical ------------------------------------------ [Impact Code execution] true ------------------------------------------ [Attack Vectors] An attacker must first obtain access to the Wi-Fi access point of the device, after which the exploit can be done using simple network commands. ------------------------------------------ [Reference] https://www.pentestpartners.com/security-blog/vulnerable-wi-fi-dildo-camera-endoscope-yes-really/ N/A ------------------------------------------ [Has vendor confirmed or acknowledged the vulnerability?] true ------------------------------------------ [Discoverer] Willem Westerhof, Jasper Nota, Edwin Gozeling from Qbit during an assignment for the Consumentenbond. Unknown personnel at pentest partners who did not request a CVE back then. Use CVE-2020-11915

Trust: 1.71

sources: NVD: CVE-2020-11915 // JVNDB: JVNDB-2020-015971 // PACKETSTORM: 179794

AFFECTED PRODUCTS

vendor:svakommodel:siime eyescope:eqversion:14.1.00000001.3.330.0.0.3.14

Trust: 1.0

vendor:svakommodel:siime eyescope:eqversion: -

Trust: 0.8

vendor:svakommodel:siime eyescope:eqversion:siime eye firmware 14.1.00000001.3.330.0.0.3.14

Trust: 0.8

sources: JVNDB: JVNDB-2020-015971 // NVD: CVE-2020-11915

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-11915
value: MEDIUM

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2020-11915
value: MEDIUM

Trust: 1.0

NVD: CVE-2020-11915
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202102-577
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2020-11915
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

nvd@nist.gov: CVE-2020-11915
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: PHYSICAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.9
impactScore: 5.9
version: 3.1

Trust: 2.0

NVD: CVE-2020-11915
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: PHYSICAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2020-015971 // CNNVD: CNNVD-202102-577 // NVD: CVE-2020-11915 // NVD: CVE-2020-11915

PROBLEMTYPE DATA

problemtype:CWE-1188

Trust: 1.0

problemtype:Initializing resources to unsafe default values (CWE-1188) [NVD Evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2020-015971 // NVD: CVE-2020-11915

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202102-577

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202102-577

PATCH

title:SIIME EYEurl:https://www.svakom.net/Siime-Eye

Trust: 0.8

sources: JVNDB: JVNDB-2020-015971

EXTERNAL IDS

db:NVDid:CVE-2020-11915

Trust: 2.6

db:JVNDBid:JVNDB-2020-015971

Trust: 0.8

db:CNNVDid:CNNVD-202102-577

Trust: 0.6

db:OTHERid:NONE

Trust: 0.1

db:PACKETSTORMid:179794

Trust: 0.1

sources: OTHER: None // JVNDB: JVNDB-2020-015971 // PACKETSTORM: 179794 // CNNVD: CNNVD-202102-577 // NVD: CVE-2020-11915

REFERENCES

url:https://www.pentestpartners.com/security-blog/vulnerable-wi-fi-dildo-camera-endoscope-yes-really/

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2020-11915

Trust: 1.5

url:http://seclists.org/fulldisclosure/2024/jul/14

Trust: 1.0

sources: JVNDB: JVNDB-2020-015971 // PACKETSTORM: 179794 // CNNVD: CNNVD-202102-577 // NVD: CVE-2020-11915

CREDITS

Willem Westerhof | Secura

Trust: 0.1

sources: OTHER: None

SOURCES

db:OTHERid: -
db:JVNDBid:JVNDB-2020-015971
db:PACKETSTORMid:179794
db:CNNVDid:CNNVD-202102-577
db:NVDid:CVE-2020-11915

LAST UPDATE DATE

2025-01-30T19:51:38.182000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2020-015971date:2021-10-27T08:43:00
db:CNNVDid:CNNVD-202102-577date:2021-02-18T00:00:00
db:NVDid:CVE-2020-11915date:2024-11-21T04:58:53.687

SOURCES RELEASE DATE

db:OTHERid: - date:2024-07-26T13:11:06
db:JVNDBid:JVNDB-2020-015971date:2021-10-27T00:00:00
db:PACKETSTORMid:179794date:2024-07-30T12:35:43
db:CNNVDid:CNNVD-202102-577date:2021-02-07T00:00:00
db:NVDid:CVE-2020-11915date:2021-02-08T02:15:12.083