CNNVD-202511-2835 Information

Nov 26, 2025 cve

CNNVD ID

CNNVD-202511-2835

CVE-2020-36871

CNNVD Published: 2025-11-26

Description (Chinese)

ESCAM QD-900 WIFI HD Camera是中国ESCAM公司的一款无线高清摄像头。 ESCAM QD-900 WIFI HD Camera存在访问控制错误漏洞，该漏洞源于/web/cgi-bin/hi3510/backup.cgi端点未经验证即可远程下载压缩配置备份，可能导致摄像头或连接的网络进一步被破解。

Description (English)

ESCAM QD-900 WIFI HD Camera is a wireless high-resolution camera of the Chinese company ESCAM. ESCAM QD-900 WIFI HD Camera has an access control bug that originates from/web/cgi-bin/hi3510/backup.cgi endpoints that can remotely download a compressed configuration backup without authentication, which may lead to further breakdown of the camera or connected network.

Hazard Level

Medium

Vulnerability Type

访问控制错误

Affected Vendor

ESCAM

Published

2025-11-26

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/escam-qd900-unauthenticated-config-disclosure https://www.exploit-db.com/exploits/48107 https://packetstorm.news/files/id/156492/ https://access.redhat.com/security/cve/cve-2020-36871

Share on: