9.8
CVE-2025-35451
- EPSS 0.15%
- Veröffentlicht 05.09.2025 17:43:53
- Zuletzt bearbeitet 14.01.2026 15:33:46
- Quelle 9119a7d8-5eab-497f-8521-727c67
- CVE-Watchlists
- Unerledigt
LoginPTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be disabled by the user.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ptzoptics ≫ Pt12x-sdi-xx-g2 Firmware Version <= 6.3.34
Ptzoptics ≫ Pt12x-ndi-xx Firmware Version <= 6.3.34
Ptzoptics ≫ Pt12x-usb-xx-g2 Firmware Version <= 6.2.81
Ptzoptics ≫ Pt20x-sdi-xx-g2 Firmware Version <= 6.3.20
Ptzoptics ≫ Pt20x-ndi-xx Firmware Version <= 6.3.20
Ptzoptics ≫ Pt20x-usb-xx-g2 Firmware Version <= 6.2.73
Ptzoptics ≫ Pt30x-sdi-xx-g2 Firmware Version <= 6.3.30
Ptzoptics ≫ Pt30x-ndi-xx Firmware Version <= 6.3.30
Ptzoptics ≫ Pt12x-zcam Firmware Version <= 7.2.76
Ptzoptics ≫ Pt20x-zcam Firmware Version <= 7.2.82
Ptzoptics ≫ Ptvl-zcam Firmware Version <= 7.2.79
Ptzoptics ≫ Pteptz-zcam-g2 Firmware Version <= 8.1.81
Ptzoptics ≫ Pteptz-ndi-zcam-g2 Firmware Version <= 8.1.81
Ptzoptics ≫ Vl Fixed Camera Firmware Version <= 7.2.94
Ptzoptics ≫ Ndi Fixed Camera Firmware Version <= 7.2.94
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.361 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 9119a7d8-5eab-497f-8521-727c672e3725 | 9.3 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| 9119a7d8-5eab-497f-8521-727c672e3725 | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-798 Use of Hard-coded Credentials
The product contains hard-coded credentials, such as a password or cryptographic key.