CVE-2025-9382
BaseFortify
Publication date: 2025-08-24
Last updated on: 2026-04-29
Assigner: VulDB
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| fnkvision | y215 | 10.194.120.40 |
| fnkvision | y215 | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-912 | The product contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the product's users or administrators. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the FNKvision Y215 CCTV Camera is caused by an undocumented backdoor triggered when a file named "s1_rf_test_config" is placed on an inserted SD card. This causes the device to automatically start the Telnet service, which uses hardcoded and publicly known credentials. Attackers with brief physical access to the device can enable remote administrative access without proper authentication, significantly increasing the attack surface and allowing unauthorized access. [1, 2]
How can this vulnerability impact me?
The vulnerability allows attackers with physical access to the device to enable a backdoor that provides remote administrative access without authentication. This compromises the confidentiality, integrity, and availability of the device, potentially allowing unauthorized control, data exposure, or disruption of the CCTV camera's operation. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking whether an inserted SD card contains the file named "s1_rf_test_config", which triggers the Telnet service. Additionally, you can scan the device for an active Telnet service on the IP 10.194.120.40. Since the Telnet service uses hardcoded credentials, attempting to connect via Telnet to the device and verifying access may indicate the presence of the backdoor. Network scanning tools like nmap can be used to detect open Telnet ports (usually port 23). Example command: `nmap -p 23 10.194.120.40` to check if Telnet is open. If Telnet is open, attempting to log in with known default credentials can confirm the vulnerability. [1]
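The two checks described above, combined into one audit script. This is an added example, not code from the advisory or the vendor. The camera address and SD card mount points are supplied by the operator, and the case-insensitive, whole-tree file match is an assumption.

```python
import os
import socket
import sys

# File name taken from the advisory text above.
TRIGGER_NAME = "s1_rf_test_config"

def find_trigger_files(mount_point):
    """Return every path under mount_point whose file name is the trigger.

    Assumption: the match is case-insensitive, because SD cards are usually
    FAT-formatted, and the whole tree is walked, not only the card's root.
    """
    hits = []
    for root, _dirs, files in os.walk(mount_point):
        hits += [os.path.join(root, f) for f in files
                 if f.lower() == TRIGGER_NAME]
    return sorted(hits)

def telnet_open(host, port=23, timeout=3.0):
    """True if a TCP connection to host:port succeeds. No login is attempted."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, timed out, unreachable
        return False

def audit(cameras, sd_mounts):
    """cameras: iterable of (host, port); sd_mounts: iterable of directories."""
    return {
        "telnet_exposed": [c for c in cameras if telnet_open(*c)],
        "trigger_files": [p for m in sd_mounts for p in find_trigger_files(m)],
    }

if __name__ == "__main__":
    # Usage: python audit_y215.py <camera-ip> [sd-card-mount-point ...]
    if len(sys.argv) < 2:
        sys.exit("usage: audit_y215.py <camera-ip> [sd-mount ...]")
    result = audit([(sys.argv[1], 23)], sys.argv[2:])
    print(result)
    sys.exit(1 if any(result.values()) else 0)
```

The script exits non-zero when either finding is present, so it can be run from a scheduled job against an inventory of cameras and removed cards.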
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include physically removing or preventing insertion of SD cards containing the file "s1_rf_test_config" to avoid triggering the backdoor. Since no patches or vendor mitigations are available, it is recommended to replace the affected FNKvision Y215 CCTV Camera device. Additionally, restricting physical access to the device to prevent attackers from inserting the malicious file is critical. Network-level controls such as blocking Telnet access to the device can reduce exposure. [2, 1]