Authentication Bypass in Trivision Camera NC227WF by TrivisionSecurity
CVE-2025-1739
7.1HIGH
What is CVE-2025-1739?
An Authentication Bypass vulnerability exists in the Trivision Camera NC227WF v5.8.0, allowing attackers to infiltrate the system. By sending crafted requests with random credentials to the vulnerable endpoint '/en/player/activex_pal.asp', an attacker can gain unauthorized access and retrieve administrator credentials in plaintext. This poses a significant risk as it enables further exploitation of the vulnerable device.
Affected Version(s)
Camera NC227WF 5.8.0