Vulnerability Details CVE-2020-28999
An issue was discovered in Apexis Streaming Video Web Application on Geeni GNC-CW013 doorbell 1.8.1 devices. A remote attacker can take full control of the camera with a high-privileged account. The vulnerability exists because a static username and password are compiled into a shared library (libhipcam.so) used to provide the streaming camera service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.9%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 6.5
References
Products affected by CVE-2020-28999
-
cpe:2.3:h:mygeeni:gnc-cw013:-
-
cpe:2.3:o:mygeeni:gnc-cw013_firmware:1.8.1