Sign-up

ID

VAR-202104-1272


CVE

CVE-2021-30165


TITLE

Edimax Technology wireless network camera Trust Management Issue Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202104-1922

DESCRIPTION

The default administrator account & password of the EDIMAX wireless network camera is hard-coded. Remote attackers can disassemble firmware to obtain the privileged permission and further control the devices

Trust: 0.99

sources: NVD: CVE-2021-30165 // VULMON: CVE-2021-30165

IOT TAXONOMY

category:['camera device']sub_category:camera

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor:edimaxmodel:ic-3140wscope:eqversion:3.11

Trust: 1.0

sources: NVD: CVE-2021-30165

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-30165
value: HIGH

Trust: 1.0

twcert@cert.org.tw: CVE-2021-30165
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202104-1922
value: HIGH

Trust: 0.6

VULMON: CVE-2021-30165
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-30165
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

nvd@nist.gov: CVE-2021-30165
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 5.9
version: 3.1

Trust: 1.0

twcert@cert.org.tw: CVE-2021-30165
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.6
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: VULMON: CVE-2021-30165 // CNNVD: CNNVD-202104-1922 // NVD: CVE-2021-30165 // NVD: CVE-2021-30165

PROBLEMTYPE DATA

problemtype:CWE-798

Trust: 1.0

sources: NVD: CVE-2021-30165

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202104-1922

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-202104-1922

PATCH

title:Edimax Technology wireless network camera Repair measures for trust management problem vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=148599

Trust: 0.6

title:CVE-2021-30165url:https://github.com/JamesGeee/CVE-2021-30165

Trust: 0.1

sources: VULMON: CVE-2021-30165 // CNNVD: CNNVD-202104-1922

EXTERNAL IDS

db:NVDid:CVE-2021-30165

Trust: 1.8

db:CNNVDid:CNNVD-202104-1922

Trust: 0.6

db:OTHERid:NONE

Trust: 0.1

db:VULMONid:CVE-2021-30165

Trust: 0.1

sources: OTHER: None // VULMON: CVE-2021-30165 // CNNVD: CNNVD-202104-1922 // NVD: CVE-2021-30165

REFERENCES

url:https://www.twcert.org.tw/tw/cp-132-4670-359c8-1.html

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2021-30165

Trust: 0.6

url:https://ieeexplore.ieee.org/abstract/document/10769424

Trust: 0.1

url:https://cwe.mitre.org/data/definitions/798.html

Trust: 0.1

url:https://github.com/jamesgeee/cve-2021-30165

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: OTHER: None // VULMON: CVE-2021-30165 // CNNVD: CNNVD-202104-1922 // NVD: CVE-2021-30165

SOURCES

db:OTHERid: -
db:VULMONid:CVE-2021-30165
db:CNNVDid:CNNVD-202104-1922
db:NVDid:CVE-2021-30165

LAST UPDATE DATE

2025-01-30T21:16:51.507000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2021-30165date:2021-05-07T00:00:00
db:CNNVDid:CNNVD-202104-1922date:2021-05-08T00:00:00
db:NVDid:CVE-2021-30165date:2024-11-21T06:03:26.183

SOURCES RELEASE DATE

db:VULMONid:CVE-2021-30165date:2021-04-27T00:00:00
db:CNNVDid:CNNVD-202104-1922date:2021-04-26T00:00:00
db:NVDid:CVE-2021-30165date:2021-04-27T03:15:07.567