Primary

Context

Denver SHC-150 Smart Wifi Camera Hardcoded Telnet Credential Vulnerability Allowing Remote Code Execution

Vulnerability

A vulnerability exists in the Denver SHC-150 Smart Wifi Camera due to hardcoded telnet credentials. This flaw allows unauthenticated attackers to access a Linux shell on the camera's operating system. The vulnerability is present in all firmware versions of the SHC-150 model. Exploitation involves connecting to the camera's telnet service on port 23 with the default credential, 'default', to execute arbitrary commands.

Impact

Exploitation of this vulnerability leads to unauthorized access to the camera's operating system, allowing for arbitrary command execution.

Reproduction

To reproduce this vulnerability, connect to the camera's telnet service on port 23 using the default credential 'default'. Once connected, a Linux shell is accessible, from which commands can be executed on the camera's operating system.

Added: Jan 16, 2026, 12:41 AM

Updated: Jan 16, 2026, 12:41 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.7

remediation

0.0

relevance

2.1

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.7

remediation

0.0

relevance

2.1

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Denver SHC-150 Smart Wifi Camera Hardcoded Telnet Credential Vulnerability Allowing Remote Code Execution

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating