CVE-2025-14746

Medium CVSS: 5.3

A vulnerability has been found in Ningyuanda TC155 57.0.2.0. The affected element is an unknown function of the component RTSP Live Video Stream Endpoint. Such manipulation leads to improper authentication. The attack must be carried out from within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor

Shenzhenningyuandatechnology

Product

Tc155 Firmware

CWE

CWE-287

Yayın Tarihi

2025-12-16 03:15:57

Güncelleme

2025-12-18 21:23:28

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-287 Tc155 Firmware MEDIUM Shenzhenningyuandatechnology 2025

Referanslar

https://github.com/pwnpwnpur1n/IoT-advisories/blob/main/TC155-Unauth-RTSP.md https://vuldb.com/?ctiid.336519 https://vuldb.com/?id.336519 https://vuldb.com/?submit.707195

Benzer Kayıtlar

Medium

CVE-2025-14747

A vulnerability was found in Ningyuanda TC155 57.0.2.0. The impacted element is an unknown function of the component RTS…

Medium

CVE-2025-14748

A vulnerability was determined in Ningyuanda TC155 57.0.2.0. This affects an unknown function of the file /onvif/device_…

Medium

CVE-2025-14749

A vulnerability was identified in Ningyuanda TC155 57.0.2.0. This impacts an unknown function of the file /onvif/device_…