Broken Authorization in V380 IP Camera Firmware by Shenzhen Liandian Communication Technology LTD
CVE-2026-12527

6MEDIUM

Key Information:

Vendor: Shenzhen Liandian Communication Technology Ltd
Status: V380 Ip Camera / Appfhe1 V1.0.6.0
Vendor: CVE Published:; 18 June 2026

🔔 Create Shenzhen Liandian Communication Technology Ltd Vulnerability Alert

What is CVE-2026-12527?

A security flaw exists in the RTSP media delivery mechanism of the V380 IP Camera firmware that enables unauthorized individuals to bypass authentication protocols. This vulnerability allows attackers to intercept and access the device's live video feed, posing a significant risk to user privacy and security. The flaw underscores the critical need for effective access control measures in networked camera systems.

Affected Version(s)

V380 IP Camera / AppFHE1_V1.0.6.0 Embedded/Linux AppFHE1_V1.0.6.020230803

References

https://github.com/AounShAh/Research-on-v380-cctv-ip-came...

CVSS V4

Score:

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 18, 2026
Vulnerability Reserved
Jun 17, 2026

Credit

https://www.linkedin.com/in/syedaounshah/

https://www.linkedin.com/in/muhammad-zubair-a2044b2b3/

https://www.linkedin.com/in/uzair-muzamil-468861231/

CVE-2026-12527 Data

JSON