Linux
CVE-2021-47796
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
Denver SHC-150 Smart Wifi Camera contains a hardcoded telnet credential vulnerability that allows unauthenticated attackers to access a Linux shell. Attackers can connect to port 23 using the default credential to execute arbitrary commands on the camera's operating system.
AnalysisAI
Denver SHC-150 Smart WiFi Camera has hardcoded telnet credentials on port 23, providing unauthenticated root shell access. PoC available.
Technical ContextAI
The camera ships with hardcoded telnet credentials (CWE-798) that provide a Linux shell.
Affected ProductsAI
Denver SHC-150 Smart Wifi Camera
RemediationAI
Disable telnet. Update firmware if available.
Same weakness CWE-798 – Use of Hard-coded Credentials
View allShare
External POC / Exploit Code
Leaving vuln.today