High severityNVD Advisory· Published Nov 14, 2025· Updated Apr 15, 2026

CVE-2021-4468

Description

PLANEX CS-QP50F-ING2 smart cameras expose a configuration backup interface over HTTP that does not require authentication. A remote, unauthenticated attacker can directly retrieve a compressed configuration backup file from the device. The backup contains sensitive configuration information, including credentials, allowing an attacker to obtain administrative access to the camera and compromise the confidentiality of the monitored environment.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cxsecurity.com/issue/WLB-2021010050nvd
packetstorm.news/files/id/160805/nvd
www.planex.co.jp/products/cs-qp50f/nvd
www.vulncheck.com/advisories/planex-cs-qp50f-ing2-smart-camera-remote-configuration-disclosurenvd

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000