CVE-2025-50777

Published: Jul 30, 2025Modified: Aug 6, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

The firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera (version V1.00.02) contains an Incorrect Access Control vulnerability that allows local attackers to gain root shell access. Once accessed, the device exposes critical data including Wi-Fi credentials and ONVIF service credentials stored in plaintext, enabling further compromise of the network and connected systems.

Affected (1)

Products: Aziot: 2mp Full Hd Smart Wi Fi Cctv Home Security Camera Firmware

1 product

2mp Full Hd Smart Wi Fi Cctv Home Security Camera Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Aziot 2mp Full Hd Smart Wi Fi Cctv Home Security Camera Firmware	Version 1.00.02

Running on/with	Platform Versions
Aziot 2mp Full Hd Smart Wi Fi Cctv Home Security Camera	All versions

Related CWEs

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Cleartext Storage of Sensitive Information

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

References (2)

http://aziot.com

Source: cve@mitre.org

Broken Link

https://github.com/veereshgadige/aziot-cctv-cve-2025-50777

Source: cve@mitre.org

Third Party Advisory

Timeline

No history available yet.