Remote Authentication Vulnerability in Cisco Video Surveillance Products
CVE-2007-4746

Currently unrated

Key Information:

Vendor: Cisco
Status: Video Surveillance Sp Isp Decoder Software; Video Surveillance Ip Gateway Encoder Decoder; Video Surveillance Sp Isp
Vendor: CVE Published:; 6 September 2007

Summary

Certain Cisco Video Surveillance products, including the IP Gateway Encoder/Decoder and SP/ISP Decoder Software, are impacted by a vulnerability due to the presence of default passwords for admin-level user accounts (sypixx and root). This flaw permits unauthorized remote attackers to execute administrative commands on the affected devices, posing significant security risks and potential unauthorized access to sensitive surveillance data. Users and organizations utilizing these products are strongly encouraged to change the default credentials to enhance device security.

References

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/25549

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/36451

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Sep 6, 2007
Vulnerability Reserved
Sep 6, 2007