CVE-2025-67158
BaseFortify
Publication date: 2026-01-02
Last updated on: 2026-01-08
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| revotech | i6032w-fhw | 1.0.0014 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-287 | When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring and logging abnormal or repeated access attempts to the /cgi-bin/jvsweb.cgi endpoint. Specifically, you can look for HTTP requests targeting this endpoint that include JSON-formatted API requests with user.name and user.digest fields. Network monitoring tools or web server logs can be used to identify such requests. While specific commands are not provided, using tools like curl or wget to send crafted requests to /cgi-bin/jvsweb.cgi and observing responses may help detect the vulnerability. Additionally, inspecting logs for unauthorized administrative API method calls such as account_get_users can indicate exploitation attempts. [1]
Can you explain this vulnerability to me?
This vulnerability is an authentication bypass in the Revotech I6032W-FHW IP camera firmware at the /cgi-bin/jvsweb.cgi API endpoint. The endpoint accepts JSON API requests with authentication fields but fails to properly validate them server-side. As a result, attackers can send arbitrary authentication values and gain unauthorized administrative access, including retrieving user account information and escalating privileges, without needing valid credentials or user interaction. [1]
How can this vulnerability impact me? :
The vulnerability allows remote attackers to bypass authentication and access sensitive user and account information on the device. Attackers can escalate privileges and potentially use this access as a foothold for further compromise of the device. This leads to a high confidentiality impact, exposing sensitive data without affecting integrity or availability. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting network access to the device management interface to prevent unauthorized remote access, monitoring and logging abnormal or repeated access attempts to the vulnerable /cgi-bin/jvsweb.cgi endpoint, and applying vendor-provided firmware updates when they become available. Additionally, enforcing strict server-side validation of all authentication fields in API requests and requiring verified sessions before granting access to administrative API methods are recommended, though these may require vendor action. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows unauthenticated attackers to access sensitive user and account information and escalate privileges, which could lead to unauthorized disclosure of personal data. This exposure of sensitive information may result in non-compliance with data protection regulations such as GDPR and HIPAA, which require strict controls to protect personal and health information. Therefore, the authentication bypass increases the risk of violating these standards due to improper access control and potential data breaches. [1]