CVE-2025-7503

CVE-2025-7503 PUBLISHED

Assigner: Toreon
Reserved: 11.07.2025 Published: 11.07.2025 Updated: 11.07.2025

An OEM IP camera manufactured by Shenzhen Liandian Communication Technology LTD exposes a Telnet service (port 23) with undocumented, default credentials. The Telnet service is enabled by default and is not disclosed or configurable via the device’s web interface or user manual. An attacker with network access can authenticate using default credentials and gain root-level shell access to the device. The affected firmware version is AppFHE1_V1.0.6.0 (Kernel: KerFHE1_PTZ_WIFI_V3.1.1, Hardware: HwFHE1_WF6_PTZ_WIFI_20201218). No official fix or firmware update is available, and the vendor could not be contacted. This vulnerability allows for remote code execution and privilege escalation.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/U:Red
CVSS Score: 10

Exploitability Metrics		Vulnerable System Impact Metrics		Subsequent System Impact Metrics
Attack Vector	Network	Confidentiality	High	Confidentiality	High
Attack Complexity	Low	Integrity	High	Integrity	High
Attack Requirements	None	Availability	High	Availability	High
Privileges Required	None
User Interaction	None

CVSS 4.0

Product Status

Vendor	Shenzhen Liandian Communication Technology LTD
Product	V380 IP Camera / AppFHE1_V1.0.6.0
Versions	Default: unaffected Version 1.0.6.0 is affected

Vendor

Shenzhen Liandian Communication Technology LTD

Product

V380 IP Camera / AppFHE1_V1.0.6.0

Versions

Default: unaffected

Version 1.0.6.0 is affected

Credits

Aoun Shah finder

References

Problem Types

CWE-798: Use of Hard-coded Credentials CWE

Impacts

CAPEC-137: Parameter Injection
CAPEC-118: Accessing Functionality Not Properly Constrained