Default Password Vulnerability in MOBOTIX S14 Cameras
CVE-2009-5154

9.8CRITICAL

Key Information:

Vendor: Mobotix
Status: S14 Firmware
Vendor: CVE Published:; 9 February 2019

What is CVE-2009-5154?

The MOBOTIX S14 camera series, specifically version MX-V4.2.1.61, suffers from a security oversight with a default administrator password set to 'meinsm'. This allows unauthorized access to the camera's settings and data, exposing users to potential threats if the password is not changed after installation. Remote attackers could exploit this vulnerability, gaining control over the device, which may result in data breaches or unauthorized surveillance.

References

https://gist.github.com/llandeilocymro/7dbe3daaab6d058d60...

x_refsource_MISC

https://www.use-ip.co.uk/forum/threads/mobotix-default-pa...

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 9, 2019
Vulnerability Reserved
Feb 9, 2019

Mobotix

What is CVE-2009-5154?

References

CVSS V3.1

Timeline