FKIE_CVE-2025-35451
Vulnerability from fkie_nvd - Published: 2025-09-05 18:15 - Updated: 2026-01-14 15:33
Severity ?
Summary
PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be disabled by the user.
References
| URL | Tags | ||
|---|---|---|---|
| 9119a7d8-5eab-497f-8521-727c672e3725 | https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-162-10.json | Third Party Advisory | |
| 9119a7d8-5eab-497f-8521-727c672e3725 | https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-10 | Third Party Advisory, US Government Resource | |
| 9119a7d8-5eab-497f-8521-727c672e3725 | https://www.cve.org/CVERecord?id=CVE-2025-35451 | Third Party Advisory | |
| 9119a7d8-5eab-497f-8521-727c672e3725 | https://www.greynoise.io/blog/greynoise-intelligence-discovers-zero-day-vulnerabilities-in-live-streaming-cameras-with-the-help-of-ai | Third Party Advisory | |
| 9119a7d8-5eab-497f-8521-727c672e3725 | https://www.labs.greynoise.io/grimoire/2024-10-31-sift-0-day-rce/ | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ptzoptics:pt12x-sdi-xx-g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6D15AF-55E7-43B4-ADA3-D8D3834B25AE",
"versionEndIncluding": "6.3.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ptzoptics:pt12x-sdi-xx-g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4F77A04-EEF2-4B3B-B845-CBE5C12F1A75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ptzoptics:pt12x-ndi-xx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "544FB818-A00F-4520-A5B3-8F6F91CEBB05",
"versionEndIncluding": "6.3.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ptzoptics:pt12x-ndi-xx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB480C1-5E4E-4CD1-B506-8551336C9BBE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ptzoptics:pt12x-usb-xx-g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "891794C0-F65E-4928-A8FC-213E22D9D4AA",
"versionEndIncluding": "6.2.81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ptzoptics:pt12x-usb-xx-g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15174DE5-6AC9-486C-ACBD-EA7C35ED311E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ptzoptics:pt20x-sdi-xx-g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C82ADC-025D-4405-9AE3-78A97772021B",
"versionEndIncluding": "6.3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ptzoptics:pt20x-sdi-xx-g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CC09930-9A57-4287-A705-7ADD66907220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ptzoptics:pt20x-ndi-xx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F5187DB-D70C-4601-B6E3-7759F7108B89",
"versionEndIncluding": "6.3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ptzoptics:pt20x-ndi-xx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F1741C8-2A4C-4F43-908F-9871CFFC03D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ptzoptics:pt20x-usb-xx-g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31632F71-7DC0-4B1F-B398-4185D9D05058",
"versionEndIncluding": "6.2.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ptzoptics:pt20x-usb-xx-g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7AD997-CB8C-4B81-837A-B9FCEBD71053",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ptzoptics:pt30x-sdi-xx-g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "324B010C-C5FA-4CF1-892C-A30A3308BD2F",
"versionEndIncluding": "6.3.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ptzoptics:pt30x-sdi-xx-g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE846C54-C7D3-41C2-B780-20ECA621AA08",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ptzoptics:pt30x-ndi-xx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C50EA5E4-114D-4CC8-A0B3-6963FEA8A4EC",
"versionEndIncluding": "6.3.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ptzoptics:pt30x-ndi-xx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD554CC3-7854-4BFA-B2F1-EEB88CB97E01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ptzoptics:pt12x-zcam_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0F5CF88-9BBF-49D5-8B1E-63EC91A3545F",
"versionEndIncluding": "7.2.76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ptzoptics:pt12x-zcam:-:*:*:*:*:*:*:*",
"matchCriteriaId": "709AAA3C-CDB4-4231-B134-B04FF9C072D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ptzoptics:pt20x-zcam_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51294950-DB17-496F-AD52-A16D0DC78F97",
"versionEndIncluding": "7.2.82",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ptzoptics:pt20x-zcam:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57C70BF4-CD6B-4647-9538-07165BAE740E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ptzoptics:ptvl-zcam_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43BD68E0-EBA1-49C9-A75F-B360F9999D60",
"versionEndIncluding": "7.2.79",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ptzoptics:ptvl-zcam:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F56FE121-BA29-46E4-ACC6-10DF608D1D31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ptzoptics:pteptz-zcam-g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85F0DCD6-77FF-4E0B-851B-D849ECE68923",
"versionEndIncluding": "8.1.81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ptzoptics:pteptz-zcam-g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25B0F708-DC3F-40C6-8E13-26962892F3CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ptzoptics:pteptz-ndi-zcam-g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "133BE139-56AE-4498-892C-A16DB8515F56",
"versionEndIncluding": "8.1.81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ptzoptics:pteptz-ndi-zcam-g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2894827-5A69-4532-B748-F5EF2DBF850B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ptzoptics:vl_fixed_camera_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1340FADC-A764-4A75-9987-4124A7C390AF",
"versionEndIncluding": "7.2.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ptzoptics:vl_fixed_camera:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E239F9F9-1F0B-4968-93A4-FCE2D4A38AA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ptzoptics:ndi_fixed_camera_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAEDECA8-9D03-4101-A702-F42EB553A373",
"versionEndIncluding": "7.2.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ptzoptics:ndi_fixed_camera:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1156C67-9320-457E-9F20-EA074B61D23E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:multicam-systems:mcamii_ptz_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CA98A76-4DB9-4356-A7BE-41E6ECC4D3B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:multicam-systems:mcamii_ptz:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2E9EF4F-E482-4061-894D-1D46D06A50DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:smtav:ba30s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3664C3EB-CECD-4621-AFF6-99A051F56ECF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:smtav:ba30s:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DEF548C-B07F-41F2-B401-94495E469231",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:smtav:ba20s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB7A2858-9628-4E47-BEA7-437C763305E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:smtav:ba20s:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D60A1A77-5C4D-4D53-88E2-53787D8650CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:smtav:bv20s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94764087-5CB2-4D8A-8BF8-86D39AE02EB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:smtav:bv20s:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F01133-AACB-450E-AD67-0DDF9BDA8471",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:smtav:bx30s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7DAD802D-C99C-4EC6-BB9B-A65F1B44E080",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:smtav:bx30s:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65ED2968-A70C-4B8E-86D9-6918FA44B0A1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:smtav:bx20n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B51C420B-D959-4908-9D69-4738BD9C2735",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:smtav:bx20n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60D45C75-C063-4F19-9DFC-4C86F1843CD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:smtav:bx20uhd-n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08FE748D-AA88-456B-8531-A3BC10A70076",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:smtav:bx20uhd-n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A82C682B-7BBD-4A14-B5BA-6D5D38F30910",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:smtav:bx20uhd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8E2BBA3-0181-4A03-A2C1-CBEEBE309F7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:smtav:bx20uhd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6092A09-81E4-4897-9E8D-4B877D5CF40C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:smtav:ba30-n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4C7C66B-FB6D-48FE-A29F-D6A026000B77",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:smtav:ba30-n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E52F8AE-84E5-4D27-90CE-F943CFB9F1BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:smtav:ba20-n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A0903CE7-E93F-446F-8C24-8CB0CB5C6C4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:smtav:ba20-n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2330045-621C-4AF0-9E8F-352C0CC13935",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:smtav:ba12-n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBBD404B-71FC-48F0-BA47-C311320E784F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:smtav:ba12-n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51C2D7BA-9C63-46C8-8288-D888417B5498",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:smtav:hd17h-n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6115A188-C0B7-45FF-9620-C7C0EA116B01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:smtav:hd17h-n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80234A2A-4009-4FF6-B446-2BC63D713A1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:smtav:bx20s-sh_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5524546-4232-45CB-B62A-21F594271161",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:smtav:bx20s-sh:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD5855BD-509E-4869-9D76-CA481CC979C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:smtav:hd17h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D927EAED-3F52-41FA-8A24-4372CF4F291C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:smtav:hd17h:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5CBAB8BC-33CD-4C0B-94DD-03E1835766E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:smtav:bv30s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "625A3DB6-F58A-4EBD-8F8F-056C73C8AB39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:smtav:bv30s:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58A4629E-1803-43FA-8039-6FF91E93BFBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:smtav:ba12s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F7B8B81-1910-4CBD-BDD9-E7A1AE1D31E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:smtav:ba12s:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C81C8B44-A73B-49DB-BFD7-C3B0ADA5745C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:valuehd:vx90_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C60FF97-B3B9-4999-8B8B-206CFA156155",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:valuehd:vx90:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DDFF0D5-31E8-4FC1-82C5-BEB717D989F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:valuehd:vx720l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC721112-03C5-44B6-80A9-3AB59769FA32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:valuehd:vx720l:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E69A184-0FD0-43C9-9F77-2B7011969A27",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:valuehd:vx752ag_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F66C98-807B-4077-8157-88E09B1A3CEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:valuehd:vx752ag:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B19ACD8-CB3E-4D5A-B694-1F7AF29D6AC4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:valuehd:vx752a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F006B557-7A79-4041-9241-70C66E0BAA63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:valuehd:vx752a:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C96E26D-C473-4681-A4A1-6CC698BDD52E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:valuehd:vx751ba_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "030BCB3D-25CB-4EEF-8B38-DCF4C021B028",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:valuehd:vx751ba:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F2075B6-907C-4B16-898A-28F782074F6B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:valuehd:vx630al_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "770E3253-6A2C-477D-B65D-CE765885056D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:valuehd:vx630al:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE616997-0BC2-4D64-BD45-C06F11B1C771",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:valuehd:vx61asl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABCB16F2-B2E7-46FE-89A3-BB90667F7818",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:valuehd:vx61asl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4DA3CE-74B5-4F3A-9799-3785B95075F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:valuehd:vx61basl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B97EAEC-66A2-4680-BFBF-CBD68F82A2C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:valuehd:vx61basl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC41EBD6-A68B-4F6E-9E6C-D1EF923EF8D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:valuehd:vx60asl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC87018-A8AA-459B-8E66-3557E4FDBE25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:valuehd:vx60asl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63465938-AA8D-418E-9D33-0813F814BFF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:valuehd:vx61al_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D52E02C-EFFC-4623-8C09-B3057DC6EA5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:valuehd:vx61al:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E2E5C26-5BFC-4916-A6DB-467AABF0F93E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:valuehd:vx60al_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65C4CE23-603B-4A48-87AF-6B499CE55F57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:valuehd:vx60al:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04F093F0-D459-4435-A4C1-AC59429E6820",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:valuehd:vx701ra_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20B1617C-2179-47D0-B86A-1AEDB18B5BB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:valuehd:vx701ra:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10F922D8-3732-4A1F-AB9B-6A2BF3E23733",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:valuehd:vx701ta_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65A4AD7D-D54A-4B83-8F11-B3B8B5C8D816",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:valuehd:vx701ta:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F30C0B5D-777C-45E4-92BA-F57FF343434E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:valuehd:vx800i2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1EE9733-3A9D-4EC5-9AA2-F6470F103A27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:valuehd:vx800i2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8798DAF2-1ADE-4C90-BE92-AB9524CC1E7D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:valuehd:v61w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5313367B-5C23-4AA9-8A8A-81D84D87DB54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:valuehd:v61w:*:*:*:*:*:*:*:*",
"matchCriteriaId": "965F183B-DE59-413B-B2F3-23A418365506",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:valuehd:v63xl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A52DC6-112B-486B-ADB3-3A8ACC80F227",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:valuehd:v63xl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF9BC092-4D6D-436E-92AA-7AB3199B1F3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:valuehd:v60xl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA0E60D7-B892-460F-8A0A-5F1A155D4A89",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:valuehd:v60xl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4F39081-366E-4C3D-B01B-A56408B770B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:valuehd:vx70uvs_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DAE5333-0648-45B8-BF79-C22BA01A07E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:valuehd:vx70uvs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EFDC9C3-6E1F-46C6-86FA-1B1DBFF45918",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:valuehd:vx71uvs_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6AFCC13D-8A14-4C9B-A1AC-A23E4D32A46A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:valuehd:vx71uvs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30460A5C-6D10-4786-BAFF-B52F820D5190",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:valuehd:v71uvs_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10818FEF-34EA-49EF-A838-DDD47E8E5A07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:valuehd:v71uvs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4EC13A-51CF-47AA-A239-5750E3F62A7A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be disabled by the user."
}
],
"id": "CVE-2025-35451",
"lastModified": "2026-01-14T15:33:46.617",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "9119a7d8-5eab-497f-8521-727c672e3725",
"type": "Secondary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "9119a7d8-5eab-497f-8521-727c672e3725",
"type": "Secondary"
}
]
},
"published": "2025-09-05T18:15:41.900",
"references": [
{
"source": "9119a7d8-5eab-497f-8521-727c672e3725",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-162-10.json"
},
{
"source": "9119a7d8-5eab-497f-8521-727c672e3725",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-10"
},
{
"source": "9119a7d8-5eab-497f-8521-727c672e3725",
"tags": [
"Third Party Advisory"
],
"url": "https://www.cve.org/CVERecord?id=CVE-2025-35451"
},
{
"source": "9119a7d8-5eab-497f-8521-727c672e3725",
"tags": [
"Third Party Advisory"
],
"url": "https://www.greynoise.io/blog/greynoise-intelligence-discovers-zero-day-vulnerabilities-in-live-streaming-cameras-with-the-help-of-ai"
},
{
"source": "9119a7d8-5eab-497f-8521-727c672e3725",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.labs.greynoise.io/grimoire/2024-10-31-sift-0-day-rce/"
}
],
"sourceIdentifier": "9119a7d8-5eab-497f-8521-727c672e3725",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "9119a7d8-5eab-497f-8521-727c672e3725",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…