AZIOT CCTV Camera CVE-2025-50777
HIGHSeverity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Local access to the device is required (AV:L) with low complexity and some existing privilege to reach the interface (PR:L); root shell plus plaintext credential exposure yields full C/I/A impact.
Primary rating from Vendor (mitre).
CVSS VectorVendor: mitre
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
The firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera (version V1.00.02) contains an Incorrect Access Control vulnerability that allows local attackers to gain root shell access. Once accessed, the device exposes critical data including Wi-Fi credentials and ONVIF service credentials stored in plaintext, enabling further compromise of the network and connected systems.
AnalysisAI
Privilege escalation to root shell in the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera firmware (V1.00.02) lets a locally-positioned attacker bypass access controls and obtain a root shell on the device. Once root is reached, the camera exposes stored Wi-Fi credentials and ONVIF service credentials in plaintext, giving the attacker a pivot into the victim's wireless network and any ONVIF-connected surveillance infrastructure. There is no public exploit identified at time of analysis and EPSS is low (0.16%, 5th percentile), indicating limited widespread automated exploitation interest.
Technical ContextAI
The affected device is a consumer IoT surveillance camera running a Linux-based embedded firmware that speaks ONVIF (the industry-standard IP-camera control/streaming protocol) and connects to the home network over Wi-Fi. The root cause is CWE-284 (Improper Access Control): the firmware fails to properly restrict access to a privileged interface - consistent with the 'Authentication Bypass' tag - allowing an unauthorized local actor to reach a root shell. The severity is compounded by insecure credential storage: both the Wi-Fi PSK and the ONVIF account credentials are held in plaintext on the device rather than hashed or encrypted, so root access immediately yields reusable secrets. The single affected CPE is cpe:2.3:o:aziot:2mp_full_hd_smart_wi-fi_cctv_home_security_camera_firmware:1.00.02, i.e., firmware version 1.00.02 specifically.
RemediationAI
No vendor-released patch identified at time of analysis, and no fixed firmware version is enumerated in the available data, so upgrading to a specific corrected build is not currently possible from this intelligence. As compensating controls: physically secure the device and disable or restrict any local debug/UART/console access to prevent the local root-shell path; isolate the camera on a dedicated VLAN or guest SSID so that recovered Wi-Fi credentials cannot reach the primary network; and change the ONVIF service account credentials and rotate the Wi-Fi PSK, treating any secret previously stored on the device as compromised. Restrict network reachability of the camera's management/ONVIF ports to trusted hosts only. Trade-offs: VLAN isolation and ONVIF ACL restriction may break NVR or mobile-app integrations that expect the camera on the same subnet, requiring firewall exceptions for legitimate recorders. Monitor https://github.com/veereshgadige/aziot-cctv-cve-2025-50777 and AZIOT for a firmware update, and consider retiring the device if no fix is published.
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today