CVE-2025-14748

Medium CVSS: 5.3

A vulnerability was determined in Ningyuanda TC155 57.0.2.0. This affects an unknown function of the file /onvif/device_service of the component ONVIF Device Management Service. Executing manipulation of the argument FactoryDefault with the input Hard can lead to improper access controls. The attack requires access to the local network. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor

Shenzhenningyuandatechnology

Product

Tc155 Firmware

CWE

CWE-266

Yayın Tarihi

2025-12-16 03:15:57

Güncelleme

2025-12-18 21:24:06

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-266 Tc155 Firmware MEDIUM Shenzhenningyuandatechnology 2025

Referanslar

https://github.com/pwnpwnpur1n/IoT-advisories/blob/main/TC155-Unauth-Hard-Reset.md https://vuldb.com/?ctiid.336521 https://vuldb.com/?id.336521 https://vuldb.com/?submit.707197

Benzer Kayıtlar

Medium

CVE-2025-14746

A vulnerability has been found in Ningyuanda TC155 57.0.2.0. The affected element is an unknown function of the componen…

Medium

CVE-2025-14747

A vulnerability was found in Ningyuanda TC155 57.0.2.0. The impacted element is an unknown function of the component RTS…

Medium

CVE-2025-14749

A vulnerability was identified in Ningyuanda TC155 57.0.2.0. This impacts an unknown function of the file /onvif/device_…