FKIE_CVE-2024-58336

Vulnerability from fkie_nvd - Published: 2025-12-30 23:15 - Updated: 2026-01-16 19:16
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
Akuvox Smart Intercom S539 contains an unauthenticated vulnerability that allows remote attackers to access live video streams by requesting the video.cgi endpoint on port 8080. Attackers can retrieve video stream data without authentication by directly accessing the specified endpoint on affected Akuvox doorphone and intercom devices.
References
disclosure@vulncheck.comhttps://packetstormsecurity.com/files/180262/Broken Link
disclosure@vulncheck.comhttps://www.vulncheck.com/advisories/akuvox-smart-intercom-s-unauthenticated-video-stream-disclosureThird Party Advisory
disclosure@vulncheck.comhttps://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5826.phpThird Party Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5826.phpThird Party Advisory
Impacted products
Vendor Product Version
akuvox s539_firmware 912.30.1.137
akuvox s539 -
akuvox s532_firmware 912.30.1.137
akuvox s532 -
akuvox x916_firmware 912.30.1.137
akuvox x916 -
akuvox x915_firmware 912.30.1.137
akuvox x915 -
akuvox x912_firmware 912.30.1.137
akuvox x912 -
akuvox r29_firmware 912.30.1.137
akuvox r29 -
akuvox r20k-2_firmware 912.30.1.137
akuvox r20k-2 -
akuvox r20a-2_firmware 912.30.1.137
akuvox r20a-2 -
akuvox c313w-2_firmware 912.30.1.137
akuvox c313w-2 -
akuvox ns-2_firmware 912.30.1.137
akuvox ns-2 -
akuvox nc-2_firmware 912.30.1.137
akuvox nc-2 -
akuvox nx-2_firmware 912.30.1.137
akuvox nx-2 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:akuvox:s539_firmware:912.30.1.137:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B93FB44-0535-41BC-BF4C-2D8F0C3FE85D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:akuvox:s539:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "675AF904-EEDF-4BED-A22E-A1861DD9914F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:akuvox:s532_firmware:912.30.1.137:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAC3868-AEFE-4D6A-9B46-E5D1C2EB71D8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:akuvox:s532:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "84E3746E-8A88-4859-B1AC-2EED52F5BAD2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:akuvox:x916_firmware:912.30.1.137:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0FBA49A-8092-4FCD-88CC-94112DEE5B60",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:akuvox:x916:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DAFEA0C-F8CF-4F1D-8088-6F964806C6EB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:akuvox:x915_firmware:912.30.1.137:*:*:*:*:*:*:*",
              "matchCriteriaId": "1757ADA6-F7AB-4D45-96BC-FE57026AB657",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:akuvox:x915:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AF26BB-C4BC-4545-92B8-3B9B95764476",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:akuvox:x912_firmware:912.30.1.137:*:*:*:*:*:*:*",
              "matchCriteriaId": "F86BCBD1-CF43-48EC-8C4B-AB979E5E8768",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:akuvox:x912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AB133A3-D540-4F2F-8B13-1E22C5E0E3AA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:akuvox:r29_firmware:912.30.1.137:*:*:*:*:*:*:*",
              "matchCriteriaId": "0006AED3-ED18-47A4-B958-04CBFFC25499",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:akuvox:r29:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "938BF758-03AE-41C3-9C96-57046116D574",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:akuvox:r20k-2_firmware:912.30.1.137:*:*:*:*:*:*:*",
              "matchCriteriaId": "352066CD-300D-4374-900F-A5ED571F7FA1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:akuvox:r20k-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57AA1254-009A-454E-B5E7-9624D5342360",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:akuvox:r20a-2_firmware:912.30.1.137:*:*:*:*:*:*:*",
              "matchCriteriaId": "1264C5AE-658F-4403-AEFC-D173713DD42A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:akuvox:r20a-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D81E42E-BF72-4D3E-BF5C-3ACFE0D8B89C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:akuvox:c313w-2_firmware:912.30.1.137:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B9C0606-EFDE-4C00-9EE8-4E08957A3309",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:akuvox:c313w-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFCB3FB9-ECA5-45CF-B87B-64784EF01327",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:akuvox:ns-2_firmware:912.30.1.137:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAAE1054-9DFB-41CC-BDA0-EA20FB02AE3C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:akuvox:ns-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "860C90D8-61DD-4692-8793-2A9AFC91CFBB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:akuvox:nc-2_firmware:912.30.1.137:*:*:*:*:*:*:*",
              "matchCriteriaId": "92992790-5B86-41D1-BB19-09705C5FBEDD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:akuvox:nc-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07F48379-47CE-498A-A930-009A8FE752ED",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:akuvox:nx-2_firmware:912.30.1.137:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA09C720-D7A0-4966-81AC-DA279B69B5D5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:akuvox:nx-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2C9FB0D-D5A7-455A-8C79-88A1C4889037",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Akuvox Smart Intercom S539 contains an unauthenticated vulnerability that allows remote attackers to access live video streams by requesting the video.cgi endpoint on port 8080. Attackers can retrieve video stream data without authentication by directly accessing the specified endpoint on affected Akuvox doorphone and intercom devices."
    }
  ],
  "id": "CVE-2024-58336",
  "lastModified": "2026-01-16T19:16:15.663",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "disclosure@vulncheck.com",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Secondary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 8.7,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "NONE",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "disclosure@vulncheck.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-12-30T23:15:48.880",
  "references": [
    {
      "source": "disclosure@vulncheck.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://packetstormsecurity.com/files/180262/"
    },
    {
      "source": "disclosure@vulncheck.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.vulncheck.com/advisories/akuvox-smart-intercom-s-unauthenticated-video-stream-disclosure"
    },
    {
      "source": "disclosure@vulncheck.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5826.php"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5826.php"
    }
  ],
  "sourceIdentifier": "disclosure@vulncheck.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-306"
        }
      ],
      "source": "disclosure@vulncheck.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.