CVE-2020-37146
Configuration Disclosure in ACE Security WiP-90113 HD Camera
Publication date: 2026-02-07
Last updated on: 2026-02-07
Assigner: VulnCheck
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ace_security | wip-90113_hd_camera | * |
| aptina | ar0130_960p_1.3mp_camera | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
AI Powered Q&A
Can you explain this vulnerability to me?
The ACE Security WiP-90113 HD Camera has a configuration disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration files.
Attackers can access the camera's configuration backup by sending a GET request to a specific endpoint, exposing credentials and system settings.
Specifically, the vulnerability allows remote retrieval of a gzipped configuration backup file containing sensitive information such as usernames and passwords in plaintext.
This can be done without any authentication by accessing a particular URL path on the device. [1]
How can this vulnerability impact me?
This vulnerability can lead to unauthorized disclosure of sensitive configuration data, including administrative credentials.
An attacker who exploits this vulnerability can gain access to the camera's system settings and credentials, potentially leading to full compromise of the device.
Such access could allow attackers to manipulate the camera, intercept video feeds, or use the device as a foothold for further attacks within a network. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending an unauthenticated HTTP GET request to the camera's configuration backup endpoint and checking the response.
Specifically, you can send a GET request to the path `/web/cgi-bin/hi3510/backup.cgi` on the target device.
If the response status code is 200 and returns a gzipped configuration file, the device is vulnerable.
A practical command using curl to test this would be:
- `curl -k -v https://<target-ip-or-hostname>/web/cgi-bin/hi3510/backup.cgi -o config_backup.bin`
If the file is downloaded successfully and contains sensitive configuration data, the vulnerability is present.
Alternatively, an existing Perl exploit script can be used to automate detection and extraction of credentials. [1]
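An added example, not part of the original page or of any vendor tooling: a shell helper for auditing a camera you administer that classifies the outcome of the curl check above, because an HTTP 200 can also be a login or error page rather than a backup. The function name, the verdict strings and the treatment of 401/403 as "authentication enforced" are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: classify the result of the curl check described above.
# Capturing the inputs (host placeholder kept as on the page):
#   code=$(curl -k -s -o config_backup.bin -w '%{http_code}' \
#          "https://<target-ip-or-hostname>/web/cgi-bin/hi3510/backup.cgi")
#   classify_backup_response "$code" config_backup.bin

# classify_backup_response STATUS FILE
# Prints one verdict word (names are hypothetical); returns 0 only for "exposed".
classify_backup_response() {
    status=$1
    file=$2

    case $status in
        200) ;;                                   # continue to body checks
        401|403) echo "auth-required"; return 1 ;; # assumed: endpoint now enforces auth
        *) echo "not-exposed"; return 1 ;;
    esac

    # A 200 alone is not proof: the body must be a gzip stream.
    # gzip streams begin with the magic bytes 1f 8b.
    magic=$(head -c 2 "$file" 2>/dev/null | od -An -tx1 | tr -d ' \n')
    if [ "$magic" != "1f8b" ]; then
        echo "not-gzip"
        return 1
    fi

    # Verify stream integrity without writing the decompressed
    # configuration (which holds plaintext credentials) to disk.
    if gzip -t "$file" 2>/dev/null; then
        echo "exposed"
        return 0
    fi

    echo "corrupt-gzip"
    return 1
}
```

Treat any file that yields "exposed" as containing live credentials: delete it after the audit and rotate the camera's passwords.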
What immediate steps should I take to mitigate this vulnerability?
I don't know