VYPR
High severity 7.7 · NVD Advisory · Published Jun 11, 2026

CVE-2026-50005

Description

Brickcom cameras ship with default credentials, allowing unauthenticated remote attackers to access live video feeds and gain administrative control.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

The affected Brickcom cameras (Cube, Dome, Bullet, and Box, version 3.2.3.5.6) ship with default credentials, which allow any unauthenticated remote attacker to access camera feeds [1]. The vulnerability is identified as CWE-1392 (Use of Default Credentials) [2].

Exploitation

An attacker with network access to the camera can use the default credentials to gain unauthorized access to live video feeds and administrative functions. No user interaction is required, and the attacker needs no credentials beyond the factory-set username and password, so the connection can be made silently [1].

Impact

Successful exploitation allows the attacker to view live video feeds, retrieve sensitive visual information from the premises, and obtain full administrative control of the device. This compromises confidentiality and can lead to further network intrusion [1].

Mitigation

As of the advisory publication date (2026-06-11), no firmware update has been released to address this issue. Users should immediately change default credentials to strong, unique passwords and restrict network access to trusted hosts. The affected products are considered known_affected [1][2].

AI Insight generated on Jun 11, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Patches

No patches discovered yet.

Vulnerability mechanics

Root cause

"The device ships with default credentials that are never changed, allowing unauthenticated access to camera feeds."

Attack vector

An unauthenticated remote attacker can access camera feeds by using the default credentials that ship with the device [CWE-1392] [ref_id=1]. No authentication is required because the device does not force credential changes upon first use. The attacker can silently view live video feeds without triggering any alert on the device [ref_id=1].

Affected code

The advisory does not specify a particular function or file path. The vulnerability exists in the authentication mechanism of Brickcom Cube, Dome, Bullet, and Box cameras running firmware version 3.2.3.5.6 [ref_id=1].

What the fix does

No patch is published in the advisory. CISA recommends minimizing network exposure, isolating cameras behind firewalls, and using VPNs for remote access [ref_id=1]. The vendor should require credential changes on first login or remove default credentials entirely to close this vulnerability.

Preconditions

  • network: The attacker must have network access to the Brickcom camera (local network or exposed WAN interface).
  • config: The camera must be using its factory-default credentials (no prior credential change).

Generated on Jun 11, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
