Medium severityNVD Advisory· Published Mar 6, 2025· Updated Jun 17, 2026
CVE-2024-13894
CVE-2024-13894
Description
Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in versions up to 3.3.0, are vulnerable to path traversal. When an affected device is connected to a mobile app, it opens a port 10000 enabling a user to download pictures shot at specific moments by providing paths to the files. However, the directories to which a user has access are not limited, allowing for path traversal attacks and downloading sensitive information. The vendor has not replied to reports, so the patching status remains unknown. Newer firmware versions might be vulnerable as well.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <=3.3.0
- Range: <=3.3.0
- Range: <=3.3.0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.