CVE-2021-30169

Published: Apr 28, 2021Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

The sensitive information of webcam device is not properly protected. Remote attackers can unauthentically grant user’s credential.

Affected (41)

Products: Meritlilin: P2r8852e2 Firmware, P2r8852e4 Firmware, P2r6852e2 Firmware, P2r6852e4 Firmware, P2r6552e2 Firmware, P2r6552e4 Firmware, P2r6352ae2 Firmware, P2r6352ae4 Firmware, P2r3052ae2 Firmware, P2g1052 Firmware, P2r8822e2 Firmware, P2r8822e4 Firmware, P2r6822e2 Firmware, P2r6822e4 Firmware, P2r6522e2 Firmware, P2r6522e4 Firmware, P2r6322ae2 Firmware, P2r6322ae4 Firmware, P2r3022ae2 Firmware, P2g1022 Firmware, P2g1022x Firmware, Z2r8852ax Firmware, Z2r8152x P Firmware, Z2r8152x2 P Firmware, Z2r8052ex25 Firmware, Z2r6552x Firmware, Z2r6452ax Firmware, Z2r6452ax P Firmware, Z2r8822ax Firmware, Z2r8122x P Firmware, Z2r8122x2 P Firmware, Z2r8022ex25 Firmware, Z2r6522x Firmware, Z2r6422ax Firmware, Z2r6422ax P Firmware, P3r6322e2 Firmware, P3r6522e2 Firmware, P3r8822e2 Firmware, Z3r6422x3 Firmware, Z3r6522x Firmware, Z3r8922x3 Firmware

41 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P2r8852e2 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P2r8852e2	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P2r8852e4 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P2r8852e4	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P2r6852e2 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P2r6852e2	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P2r6852e4 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P2r6852e4	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P2r6552e2 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P2r6552e2	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P2r6552e4 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P2r6552e4	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P2r6352ae2 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P2r6352ae2	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P2r6352ae4 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P2r6352ae4	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P2r3052ae2 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P2r3052ae2	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P2g1052 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P2g1052	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P2r8822e2 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P2r8822e2	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P2r8822e4 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P2r8822e4	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P2r6822e2 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P2r6822e2	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P2r6822e4 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P2r6822e4	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P2r6522e2 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P2r6522e2	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P2r6522e4 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P2r6522e4	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P2r6322ae2 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P2r6322ae2	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P2r6322ae4 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P2r6322ae4	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P2r3022ae2 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P2r3022ae2	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P2g1022 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P2g1022	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P2g1022x Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P2g1022x	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin Z2r8852ax Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin Z2r8852ax	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin Z2r8152x P Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin Z2r8152x P	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin Z2r8152x2 P Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin Z2r8152x2 P	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin Z2r8052ex25 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin Z2r8052ex25	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin Z2r6552x Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin Z2r6552x	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin Z2r6452ax Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin Z2r6452ax	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin Z2r6452ax P Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin Z2r6452ax P	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin Z2r8822ax Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin Z2r8822ax	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin Z2r8122x P Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin Z2r8122x P	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin Z2r8122x2 P Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin Z2r8122x2 P	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin Z2r8022ex25 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin Z2r8022ex25	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin Z2r6522x Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin Z2r6522x	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin Z2r6422ax Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin Z2r6422ax	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin Z2r6422ax P Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin Z2r6422ax P	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P3r6322e2 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P3r6322e2	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P3r6522e2 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P3r6522e2	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin P3r8822e2 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin P3r8822e2	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin Z3r6422x3 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin Z3r6422x3	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin Z3r6522x Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin Z3r6522x	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meritlilin Z3r8922x3 Firmware	Before 7.1.94.8908

Running on/with	Platform Versions
Meritlilin Z3r8922x3	All versions

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

CWE-522

Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

References (8)

https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e

Source: twcert@cert.org.tw

Third Party Advisory

https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388

Source: twcert@cert.org.tw

Third Party Advisory

https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdf

Source: twcert@cert.org.tw

Vendor Advisory

https://www.twcert.org.tw/tw/cp-132-4679-d308c-1.html

Source: twcert@cert.org.tw

Third Party Advisory

https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.twcert.org.tw/tw/cp-132-4679-d308c-1.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.