{"vulnerability": "cve-2021-45039", "sightings": [{"uuid": "7c90891e-79fc-4b8e-a9a1-b89a18a35676", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-45039", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1183", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-45039\n\ud83d\udd39 Description: Multiple models of the Uniview IP Camera (e.g., IPC_G6103 B6103.16.10.B25.201218, IPC_G61, IPC21, IPC23, IPC32, IPC36, IPC62, and IPC_HCMN) offer an undocumented UDP service on port 7788 that allows a remote unauthenticated attacker to overflow an internal buffer and achieve code execution. By using this buffer overflow, a remote attacker can start the telnetd service. This service has a hardcoded default username and password (root/123456). Although it has a restrictive shell, this can be easily bypassed via the built-in ECHO shell command.\n\ud83d\udccf Published: 2023-05-31T00:00:00\n\ud83d\udccf Modified: 2025-01-10T16:32:47.577Z\n\ud83d\udd17 References:\n1. https://ssd-disclosure.com/ssd-advisory--uniview-preauth-rce/\n2. https://www.uniview.com/About_Us/Security/Notice/202112/920471_140493_0.htm", "creation_timestamp": "2025-01-10T17:04:59.000000Z"}]}