← Back

CVE-2025-57437

nvd nist
Published: Sep 22, 2025Modified: Oct 10, 2025

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

The Blackmagic Web Presenter HD firmware version 3.3 exposes sensitive information via an unauthenticated Telnet service on port 9977. When connected, the service reveals extensive device configuration data including: - Model, version, and unique identifiers - Network settings including IP, MAC, DNS - Current stream platform, stream key, and streaming URL - Audio/video configuration This data can be used to hijack live streams or perform network reconnaissance.

Affected (1)

Blackmagicdesign
1 product
Web Presenter Hd Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Web Presenter Hd Firmware
Version 3.3
Running on/withPlatform Versions
Blackmagicdesign
Web Presenter Hd
All versions

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

Source: cve@mitre.org
ExploitThird Party Advisory
Source: cve@mitre.org
Product

Timeline

No history available yet.