CVE-2021-30168
high-risk
Published 2021-04-28
The sensitive information of webcam device is not properly protected. Remote attackers can unauthentically grant administrator’s credential and further control the devices.
Do I need to act?
~
1.8% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10
Critical
NETWORK
/ LOW complexity
Affected Products (20)
P2R8852E2 Firmware
P2R8852E4 Firmware
P2R6852E2 Firmware
P2R6852E4 Firmware
P2R6552E2 Firmware
P2R6552E4 Firmware
P2R6352Ae2 Firmware
P2R6352Ae4 Firmware
P2R3052Ae2 Firmware
P2G1052 Firmware
P2R8822E2 Firmware
P2R8822E4 Firmware
P2R6822E2 Firmware
P2R6822E4 Firmware
P2R6522E2 Firmware
P2R6522E4 Firmware
P2R6322Ae2 Firmware
P2R6322Ae4 Firmware
P2R3022Ae2 Firmware
P2G1022 Firmware
Affected Vendors
References (8)
Third Party Advisory
https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e
Third Party Advisory
https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-4678-aad70-1.html
Third Party Advisory
https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e
Third Party Advisory
https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-4678-aad70-1.html
61
/ 100
high-risk
Severity
32/34 · Critical
Exploitability
5/34 · Minimal
Exposure
24/34 · High