Remote Information Disclosure in Cisco Linksys Wireless Video Camera
CVE-2009-1555

Currently unrated

Key Information:

Vendor: Cisco
Status: Wvc54gca
Vendor: CVE Published:; 6 May 2009

Summary

The Cisco Linksys WVC54GCA wireless video camera is susceptible to an information disclosure vulnerability due to improper handling of configuration data during a remote management command via the Setup Wizard. This exposure allows remote attackers to access sensitive information, including passwords, from the memory of the SetupWizard.exe process, posing significant security risks for users of the device. This issue highlights the need for enhanced security measures in IoT devices, particularly those with remote management capabilities.

References

http://www.gnucitizen.org/blog/hacking-linksys-ip-cameras...

x_refsource_MISC

http://www.vupen.com/english/advisories/2009/1173

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/34596

vdb-entryx_refsource_BID

Timeline

Vulnerability published
May 6, 2009
Vulnerability Reserved
May 6, 2009