go to Content

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center


SpotCam Co., Ltd. SpotCamFHD - Use of Hard-coded Cryptographic Key -1

TVN ID TVN-202308004
CVE ID CVE-2023-38024
CVSS 9.8 (Critical)
Affected Products SpotCam FHD 2: 1.0036
Description SpotCam Co., Ltd. SpotCam FHD 2’s hidden Telnet function has a vulnerability of using hard-coded Telnet credentials. An remote unauthenticated attacker can exploit this vulnerability to access the system to perform arbitrary system operations or disrupt service.
Solution update version to 1.0039 or later
Credit Lee Pu、Weber Tasi、KaiChing Wang(CHT Security)
Public Date 2023-09-19