Denver SHO-110 IP Camera Unauthenticated Snapshot Access
CVE-2021-4469

8.7HIGH

Key Information:

Vendor

Denver

Status
Sho-110
Vendor
CVE Published:
14 November 2025

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2021-4469?

Denver SHO-110 IP cameras expose a secondary HTTP service on TCP port 8001 that provides access to a '/snapshot' endpoint without authentication. While the primary web interface on port 80 enforces authentication, the backdoor service allows any remote attacker to retrieve image snapshots by directly requesting the 'snapshot' endpoint. An attacker can repeatedly collect snapshots and reconstruct the camera stream, compromising the confidentiality of the monitored environment.

Affected Version(s)

SHO-110 0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2021-4469 - Proof of Concept

References

https://www.exploit-db.com/exploits/50162
exploit
http://old.denver.eu/products/smart-home-security/denver-...
product
https://www.vulncheck.com/advisories/denver-sho-110-ip-ca...
third-party-advisory

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Ivan Nikolsky (enty8080)
JSON
.
CVE-2021-4469 : Unauthenticated Snapshot Access in Denver SHO-110 IP Cameras