CVE-2025-7503
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-07-11

Last updated on: 2025-07-15

Assigner: Toreon

Description
An OEM IP camera manufactured by Shenzhen Liandian Communication Technology LTD exposes a Telnet service (port 23) with undocumented, default credentials. The Telnet service is enabled by default and is not disclosed or configurable via the device’s web interface or user manual. An attacker with network access can authenticate using default credentials and gain root-level shell access to the device. The affected firmware version is AppFHE1_V1.0.6.0 (Kernel: KerFHE1_PTZ_WIFI_V3.1.1, Hardware: HwFHE1_WF6_PTZ_WIFI_20201218). No official fix or firmware update is available, and the vendor could not be contacted. This vulnerability allows for remote code execution and privilege escalation.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-11
Last Modified
2025-07-15
Generated
2026-05-07
AI Q&A
2025-07-11
EPSS Evaluated
2026-05-05
NVD
CVE-2025-7503
EUVD
EUVD-2025-21182
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
shenzhen_liandian_communication_technology_ltd v380_cctv_ip_camera kerfhe1_ptz_wifi_v3.1.1
shenzhen_liandian_communication_technology_ltd v380_cctv_ip_camera appfhe1_v1.0.6.0
shenzhen_liandian_communication_technology_ltd v380_cctv_ip_camera appfhe1_v1.0.6.020230803
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-798 The product contains hard-coded credentials, such as a password or cryptographic key.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability involves an OEM IP camera by Shenzhen Liandian Communication Technology LTD that has a Telnet service enabled by default on port 23. The Telnet service uses undocumented default credentials that cannot be changed or disabled via the device's web interface or user manual. An attacker with network access can use these default credentials to log in and gain root-level shell access, allowing remote code execution and privilege escalation.


How can this vulnerability impact me? :

If exploited, this vulnerability allows an attacker to gain root-level access to the affected IP camera remotely. This can lead to unauthorized control over the device, execution of arbitrary code, potential spying, disruption of device functionality, and use of the device as a foothold for further attacks within the network.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

You can detect this vulnerability by scanning your network for devices with port 23 (Telnet) open and attempting to connect using the default, undocumented credentials. For example, use the command 'nmap -p 23 --open <target-ip>' to identify devices with Telnet enabled. Then, use a Telnet client to attempt login with default credentials. Successful login indicates the device is vulnerable.


What immediate steps should I take to mitigate this vulnerability?

Since no official fix or firmware update is available and the Telnet service cannot be disabled or configured via the device interface, immediate mitigation steps include isolating the affected devices from untrusted networks, blocking port 23 at network firewalls to prevent external access, and monitoring for unauthorized Telnet access attempts. Consider replacing the affected devices with more secure alternatives if possible.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart