AZIOT 2MP Full HD Smart Wi-Fi CCTV Access Control Vulnerability Allowing Root Access and Credential Exposure

Vulnerability

An incorrect access control vulnerability has been identified in the firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera, specifically in version V1.00.02. This vulnerability allows local attackers to gain root shell access. Once root access is obtained, the device exposes critical data, including Wi-Fi credentials and ONVIF service authentication details, both stored in plaintext. This lack of proper access control and encryption enables further compromise of the network and connected systems.

Impact

Exploitation of this vulnerability leads to unauthorized root access on the device, allowing full control over the camera. Additionally, it exposes sensitive credentials in plaintext, including Wi-Fi and ONVIF service authentication details, which could be used to compromise the user's network and connected systems.

Added: Jul 30, 2025, 7:21 PM

Updated: Jul 30, 2025, 8:48 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

1.9

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

1.9

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

AZIOT 2MP Full HD Smart Wi-Fi CCTV Access Control Vulnerability Allowing Root Access and Credential Exposure

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating