9.8

CVE-2025-35451

Exploit

Pan-Tilt-Zoom cameras hard-coded default passwords with SSH and telnet enabled

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be disabled by the user.
Data provided by the National Vulnerability Database (NVD)
Ptzoptics Pt12x-sdi-xx-g2 Firmware Version <= 6.3.34
   Ptzoptics Pt12x-sdi-xx-g2 Version -
Ptzoptics Pt12x-ndi-xx Firmware Version <= 6.3.34
   Ptzoptics Pt12x-ndi-xx Version -
Ptzoptics Pt12x-usb-xx-g2 Firmware Version <= 6.2.81
   Ptzoptics Pt12x-usb-xx-g2 Version -
Ptzoptics Pt20x-sdi-xx-g2 Firmware Version <= 6.3.20
   Ptzoptics Pt20x-sdi-xx-g2 Version -
Ptzoptics Pt20x-ndi-xx Firmware Version <= 6.3.20
   Ptzoptics Pt20x-ndi-xx Version -
Ptzoptics Pt20x-usb-xx-g2 Firmware Version <= 6.2.73
   Ptzoptics Pt20x-usb-xx-g2 Version -
Ptzoptics Pt30x-sdi-xx-g2 Firmware Version <= 6.3.30
   Ptzoptics Pt30x-sdi-xx-g2 Version -
Ptzoptics Pt30x-ndi-xx Firmware Version <= 6.3.30
   Ptzoptics Pt30x-ndi-xx Version -
Ptzoptics Pt12x-zcam Firmware Version <= 7.2.76
   Ptzoptics Pt12x-zcam Version -
Ptzoptics Pt20x-zcam Firmware Version <= 7.2.82
   Ptzoptics Pt20x-zcam Version -
Ptzoptics Ptvl-zcam Firmware Version <= 7.2.79
   Ptzoptics Ptvl-zcam Version -
Ptzoptics Pteptz-zcam-g2 Firmware Version <= 8.1.81
   Ptzoptics Pteptz-zcam-g2 Version -
Ptzoptics Pteptz-ndi-zcam-g2 Firmware Version <= 8.1.81
   Ptzoptics Pteptz-ndi-zcam-g2 Version -
Ptzoptics Vl Fixed Camera Firmware Version <= 7.2.94
   Ptzoptics Vl Fixed Camera Version -
Ptzoptics Ndi Fixed Camera Firmware Version <= 7.2.94
   Ptzoptics Ndi Fixed Camera Version -
No warning was found for this CVE.

EPSS Metrics

| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.72% | 0.491 |

CVSS Metrics

| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 9119a7d8-5eab-497f-8521-727c672e3725 | 9.3 | 0 | 0 | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| 9119a7d8-5eab-497f-8521-727c672e3725 | 9.8 | 3.9 | 5.9 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |

CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-10
Third Party Advisory
US Government Resource
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-162-10.json
Third Party Advisory
https://www.cve.org/CVERecord?id=CVE-2025-35451
Third Party Advisory
https://www.greynoise.io/blog/greynoise-intelligence-discovers-zero-day-vulnerabilities-in-live-streaming-cameras-with-the-help-of-ai
Third Party Advisory
https://www.labs.greynoise.io/grimoire/2024-10-31-sift-0-day-rce/
Third Party Advisory
Exploit