Vulnerability: Insecure Permissions in Hisilicon Hi3510-based IP Cameras' Web Management Portal Expose WiFi Credentials
CVE-2019-10710 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
Insecure permissions in the Web management portal on all IP cameras based on Hisilicon Hi3510 firmware allow authenticated attackers to receive a network's cleartext WiFi credentials via a specific HTTP request. This affects certain devices labeled as HI3510, HI3518, LOOSAFE, LEVCOECAM, Sywstoda, BESDER, WUSONGLUSAN, GADINAN, Unitoptek, ESCAM, etc.
Learn more about our Web App Pen Testing.