EUVD-2025-30773

ID: EUVD-2025-30773

Severity: high

CVSS v4: 7.1 (CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N)

CVSS v3: Not provided

CWE: None listed

Source: ENISA

Description

GALAYOU G2 cameras stream video output via RTSP streams. By default these streams are protected by randomly generated credentials. However these credentials are not required to access the stream. Changing these values does not change camera's behavior. The vendor did not respond in any way. Only version 11.100001.01.28 was tested, other versions might also be vulnerable.

Timestamps

Normalized: 2025-12-31T11:32:21Z UTC
Last updated: 2025-12-31T11:30:19Z UTC

References

No references provided.

VulnAI

EUVD-2025-30773

Description

Timestamps

References