Auth bypass in Denver Sho-110

CVE-2021-4469

Denver SHO-110 IP cameras expose a secondary HTTP service on TCP port 8001 that provides access to a '/snapshot' endpoint without authentication. While the primary web interface on port 80 enforces authentication, the backdoor service allo…

Vulnerability class: Broken Authentication

EPSS: 0.003 (55.6th percentile) — read the EPSS interpretation.

Affected products

Denver Sho-110 — versions 0

Weakness classification (CWE)

References

www.exploit-db.com/exploits/50162 (exploit)
old.denver.eu/products/smart-home-security/denver-sho-110/c-1024/c-1243/p-3826 (product)
www.vulncheck.com/advisories/denver-sho-110-ip-camera-unauthenticated-snapshot-… (third-party-advisory)