Skip to main content

Pt12X Sdi Xx G2 Firmware CVE-2025-35452

CRITICAL
Use of Hard-coded Credentials (CWE-798)
2025-09-05 9119a7d8-5eab-497f-8521-727c672e3725
Authentication Bypass Pt12X Sdi Xx G2 Firmware Pt12X Ndi Xx Firmware Pt12X Usb Xx G2 Firmware Pt20X Sdi Xx G2 Firmware T20X Ndi Xx Firmware Pt20X Usb Xx G2 Firmware Pt30X Sdi Xx G2 Firmware Pt30X Ndi Xx Firmware Pt12X Zcam Firmware Pt20X Zcam Firmware Ptvl Zcam Firmware Pteptz Zcam G2 Firmware Pteptz Ndi Zcam G2 Pt12X 4K Xx G3 Firmware Pt20X 4K Xx G3 Firmware Pt30X 4K Xx G3 Firmware Pt12X Link 4K Xx Firmware Pt20X Link 4K Xx Firmware Pt30X Link 4K Xx Firmware Pt12X Se Xx G3 Firmware Pt20X Se Xx G3 Firmware Pt30X Se Xx G3 Firmware Pt Studiopro Firmware Vl Fixed Camera Firmware Ndi Fixed Camera Firmware Mcamii Ptz Firmware Ba30S Firmware Ba20S Firmware Bv20S Firmware Bx30S Firmware Bx20N Firmware Bx20Uhd N Firmware Bx20Uhd Firmware Ba30 N Firmware Ba20 N Firmware Ba12 N Firmware Hd17H N Firmware Bx20S Sh Firmware Hd17H Firmware Bv30S Firmware Ba12S Firmware Vx90 Firmware Vx720L Firmware Vx752Ag Firmware Vx752A Firmware Vx751Ba Firmware Vx630Al Firmware Vx61Asl Firmware Vx61Basl Firmware Vx60Asl Firmware Vx61Al Firmware Vx60Al Firmware Vx701Ra Firmware Vx701Ta Firmware Vx800I2 Firmware V61W Firmware V63Xl Firmware V60Xl Firmware Vx70Uvs Firmware Vx71Uvs Firmware V71Uvs Firmware
9.2
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
9.2 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

4
Analysis Generated
Mar 28, 2026 - 19:10 vuln.today
Patch released
Mar 28, 2026 - 19:10 nvd
Patch available
PoC Detected
Dec 23, 2025 - 17:08 vuln.today
Public exploit code
CVE Published
Sep 05, 2025 - 18:15 nvd
CRITICAL 9.2

DescriptionCVE.org

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use default, shared credentials for the administrative web interface.

AnalysisAI

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use default, shared credentials for the administrative web interface. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Technical ContextAI

This vulnerability is classified as Use of Hard-coded Credentials (CWE-798), which allows attackers to gain access using credentials embedded in source code. PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use default, shared credentials for the administrative web interface. Affected products include: Ptzoptics Pt12X-Sdi-Xx-G2 Firmware, Ptzoptics Pt12X-Ndi-Xx Firmware, Ptzoptics Pt12X-Usb-Xx-G2 Firmware, Ptzoptics Pt20X-Sdi-Xx-G2 Firmware, Ptzoptics T20X-Ndi-Xx Firmware.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Remove hard-coded credentials, use environment variables or secrets management, rotate exposed credentials immediately.

Share

CVE-2025-35452 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy