VYPR
Unrated severity · NVD Advisory · Published Sep 1, 2021 · Updated Aug 4, 2024

CVE-2021-40380

Description

An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. cameralist.cgi and setcamera.cgi disclose credentials.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Compro IP70, IP570, IP60, and TN540 cameras expose credentials via unauthenticated access to cameralist.cgi and setcamera.cgi.

Vulnerability

The Compro IP70 (firmware 2.08_7130218), IP570 (firmware 2.08_7130520), IP60, and TN540 network cameras expose sensitive credentials through the cameralist.cgi and setcamera.cgi CGI endpoints. These endpoints are accessible without authentication, allowing any network attacker to retrieve stored usernames and passwords in plaintext [1].

Exploitation

An attacker with network access to the camera can directly request the vulnerable CGI scripts (e.g., http://<camera-ip>/cameralist.cgi or http://<camera-ip>/setcamera.cgi). No authentication or prior interaction is required. The response contains the camera's administrative credentials in clear text [1].

Impact

Successful exploitation results in full disclosure of the camera's administrative credentials. An attacker can then log into the camera's web interface, change settings, view live video feeds, or pivot to other devices on the network. This compromises the confidentiality and integrity of the camera system [1].

Mitigation

As of the publication date (2021-09-01), no official firmware update or patch has been released by Compro Technology to address this issue. Users are advised to restrict network access to the cameras (e.g., via firewall rules or VLAN segmentation) and monitor for any vendor updates. The affected devices may be end-of-life; contacting the vendor for guidance is recommended [1].
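One way to do the monitoring suggested above, as an added example that is not part of the advisory or any vendor tooling: it scans access logs from a gateway or reverse proxy placed in front of the cameras for requests to the two CGI endpoints coming from outside an allowed management network. The combined log format, the 10.20.0.0/24 management subnet, and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import unquote, urlsplit

# Endpoints named in CVE-2021-40380.
SENSITIVE = {"cameralist.cgi", "setcamera.cgi"}
# Assumption: only this management subnet should ever reach the cameras.
ALLOWED = [ipaddress.ip_network("10.20.0.0/24")]

# Common/combined log format: client - user [time] "METHOD target PROTO" status size
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) (\S+)')

def find_exposures(lines, allowed=ALLOWED):
    """Return one finding per request to a listed CGI from an unexpected source."""
    findings = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # not a parsable access-log line
        client, when, _method, target, status, _size = m.groups()
        # Normalise: drop the query string, decode %xx, ignore case and directory.
        name = unquote(urlsplit(target).path).rsplit("/", 1)[-1].lower()
        if name not in SENSITIVE:
            continue
        try:
            src = ipaddress.ip_address(client)
        except ValueError:
            continue  # client field is a hostname or garbage
        if any(src in net for net in allowed):
            continue  # expected management traffic
        findings.append({
            "time": when,
            "client": client,
            "endpoint": name,
            # A 200 means the response body was actually returned to the client.
            "served": status == "200",
        })
    return findings

# Constructed sample log lines (documentation address ranges), not real traffic.
SAMPLE = [
    '10.20.0.15 - - [01/Sep/2021:10:00:01 +0000] "GET /cameralist.cgi HTTP/1.1" 200 512',
    '203.0.113.7 - - [01/Sep/2021:10:02:44 +0000] "GET /cameralist.cgi HTTP/1.1" 200 512',
    '198.51.100.23 - - [01/Sep/2021:10:03:10 +0000] "GET /SetCamera.cgi?id=1 HTTP/1.1" 401 0',
    '203.0.113.7 - - [01/Sep/2021:10:04:00 +0000] "GET /index.html HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for finding in find_exposures(SAMPLE):
        print(finding)
```

Any finding with `served` set to true should be treated as a credential exposure, and the camera's passwords rotated after access has been restricted.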

References
  1. Packet Storm

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

4

Patches

0

No patches discovered yet.
