Medium severity6.5NVD Advisory· Published Sep 26, 2022· Updated Jun 17, 2026
CVE-2022-38970
CVE-2022-38970
Description
ieGeek IG20 hipcam RealServer V1.0 is vulnerable to Incorrect Access Control. The algorithm used to generate device IDs (UIDs) for devices that utilize Shenzhen Yunni Technology iLnkP2P suffers from a predictability flaw that allows remote attackers to establish direct connections to arbitrary devices.
Affected products
3- ieGeek/IG20 hipcam RealServerdescription
- Range: = 1.0
Patches
Vulnerability mechanics
References
1- www.realinfosec.net/cybersecurity-news/iegeek-vulnerabilities-still-prevalent-in-2022-amazon-ft-ig20/nvdExploitTechnical DescriptionThird Party Advisory
News mentions
0No linked articles in our index yet.