CVE-2025-50777
BaseFortify
Publication date: 2025-07-30
Last updated on: 2025-08-06
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| aziot | 2mp_full_hd_smart_wi-fi_cctv_home_security_camera_firmware | 1.00.02 |
| aziot | 2mp_full_hd_smart_wi-fi_cctv_home_security_camera | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
| CWE-312 | The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Incorrect Access Control issue in the firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera (version V1.00.02). It allows local attackers to gain root shell access to the device, which means they can fully control it at the highest privilege level.
How can this vulnerability impact me? :
If exploited, this vulnerability can expose critical data such as Wi-Fi credentials and ONVIF service credentials stored in plaintext on the device. This can lead to further compromise of the network and connected systems, potentially allowing attackers to access other devices or sensitive information.