Details of VAR-202504-2789

ID

VAR-202504-2789

TITLE

Canon vb-c60 camera has a remote control backdoor vulnerability

Trust: 0.6

sources: CNVD: CNVD-2015-02691

DESCRIPTION

Canon is a Japanese company dedicated to imaging, optics and office automation products, including cameras, camcorders, copiers, fax machines, image scanners and printers. Canon vb-c60 camera has a remote control backdoor vulnerability, allowing attackers to send a get request with specific parameters to image.cgi without identity authentication, and then control the camera up and down, left and right, and adjust the focus.

Trust: 0.6

sources: CNVD: CNVD-2015-02691

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2015-02691

AFFECTED PRODUCTS

vendor:

japanese

model:

canon canon vb-c60

scope:

version:

v1.1.3

Trust: 0.6

sources: CNVD: CNVD-2015-02691

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2015-02691
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2015-02691
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2015-02691

PATCH

title:

Canon VB-C60 network camera has unauthorized access and control vulnerability

url:

https://www.cnvd.org.cn/patchInfo/show/57290

Trust: 0.6

sources: CNVD: CNVD-2015-02691

EXTERNAL IDS

db:

CNVD

id:

CNVD-2015-02691

Trust: 0.6

sources: CNVD: CNVD-2015-02691

SOURCES

db:

CNVD

id:

CNVD-2015-02691

LAST UPDATE DATE

2025-04-20T23:42:40.560000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2015-02691

date:

2015-06-03T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2015-02691

date:

2025-04-01T00:00:00