CVE-2020-37157
Configuration Disclosure in DBPower C300 Camera Exposes Credentials
Publication date: 2026-02-07
Last updated on: 2026-02-07
Assigner: VulnCheck
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dbpower | c300_hd_camera | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
AI Powered Q&A
Can you explain this vulnerability to me?
The DBPower C300 HD Camera has a configuration disclosure vulnerability that allows unauthenticated attackers to download a configuration backup file from an unprotected endpoint. This backup file contains sensitive information such as hardcoded usernames and passwords.

The vulnerability exists because the camera's web interface exposes a configuration backup file without proper access controls, enabling attackers to retrieve it by sending an HTTP GET request to a specific URL path.

Additionally, the device uses client-side cookie-based authorization checks, which can be manipulated to escalate privileges from guest to admin, further compromising the device. [1, 2]
How can this vulnerability impact me?
An attacker exploiting this vulnerability can obtain sensitive credentials such as usernames and passwords without any authentication.

With these credentials and the ability to escalate privileges via cookie manipulation, an attacker can gain full administrative control over the camera and can:
- Compromise the camera's video streams.
- Alter device settings.
- Use the compromised device as a foothold for further attacks within the network. [2]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to access the vulnerable configuration backup endpoint on the DBPower C300 HD Camera. Specifically, sending an HTTP GET request to the path /web/cgi-bin/hi3510/backup.cgi can reveal if the device is exposing sensitive configuration data without authentication.
A practical detection method is to use command-line tools like curl or wget to request the backup file and check the response.
- curl -i http://<camera-ip>/web/cgi-bin/hi3510/backup.cgi
- wget http://<camera-ip>/web/cgi-bin/hi3510/backup.cgi -O config_backup.bin
If the HTTP response code is 200 and the file is retrieved, it indicates the vulnerability is present. The retrieved file may be gzipped and contain sensitive credentials such as usernames and passwords.
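A defender-side complement to the probe above: a detection pass over access-log lines, added here as an example (not part of the advisory or any vendor code). It assumes a reverse proxy or web gateway in front of the camera writes Common/Combined Log Format, and flags requests to the backup endpoint, separating attempts from successful downloads; the sample log lines are constructed.

```python
import re

# Path of the unauthenticated backup endpoint named in the advisory.
BACKUP_CGI = "/web/cgi-bin/hi3510/backup.cgi"

# Common/Combined Log Format as written by a reverse proxy or web gateway
# placed in front of the camera (assumption: such a proxy exists).
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

def is_backup_cgi(path: str) -> bool:
    """True if the request path targets backup.cgi (ignoring query string and case)."""
    return path.split("?", 1)[0].lower() == BACKUP_CGI

def find_backup_cgi_hits(lines):
    """Return (src_ip, timestamp, status, size) for every request to backup.cgi,
    whether or not it succeeded; unparseable lines are skipped."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not is_backup_cgi(m["path"]):
            continue
        size = 0 if m["size"] == "-" else int(m["size"])
        hits.append((m["src"], m["ts"], int(m["status"]), size))
    return hits

def exposed_downloads(hits):
    """Keep only hits where the configuration was actually served (HTTP 200 with a body)."""
    return [h for h in hits if h[2] == 200 and h[3] > 0]

# Constructed sample log lines (not captured from a real device).
SAMPLE_LOG = [
    '203.0.113.9 - - [07/Feb/2026:10:01:02 +0000] "GET /web/cgi-bin/hi3510/backup.cgi HTTP/1.1" 200 4096 "-" "curl/8.0"',
    '198.51.100.7 - - [07/Feb/2026:10:02:10 +0000] "GET /web/index.html HTTP/1.1" 200 1200 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [07/Feb/2026:10:03:44 +0000] "GET /web/cgi-bin/hi3510/BACKUP.CGI?x=1 HTTP/1.1" 401 0 "-" "python-requests/2.31"',
]

if __name__ == "__main__":
    hits = find_backup_cgi_hits(SAMPLE_LOG)
    for src, ts, status, size in hits:
        print(f"attempt {ts} {src} -> {status}")
    for src, ts, status, size in exposed_downloads(hits):
        print(f"ALERT {ts} {src} downloaded camera configuration ({size} bytes)")
```

A 401 on the same path after the endpoint has been restricted (see the mitigation steps below) still shows up as an attempt, which is useful for confirming that the restriction holds and for spotting scanning activity.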
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the vulnerable configuration backup endpoint to prevent unauthorized downloads.
Since the vulnerability arises from improper access controls and weak authentication, it is recommended to:
- Disable or restrict access to the /web/cgi-bin/hi3510/backup.cgi endpoint on the device or network firewall.
- Change default credentials (e.g., admin:admin) to strong, unique passwords.
- Avoid using this camera firmware if possible, as it contains fundamental security flaws.
- Implement network segmentation to isolate the camera from critical network resources.
Long-term mitigation requires vendor firmware updates that enforce proper server-side authentication and access controls.