Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

FNKvision

Source -

CNA

BOS Name -

N/A

CNA CVEs -

7

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated ProductsRelated AssignersReports
7Vulnerabilities found
CVE-2025-9383
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-2||LOW
EPSS-0.01% / 0.26%
||
7 Day CHG~0.00%
Published-24 Aug, 2025 | 09:32
Updated-25 Aug, 2025 | 20:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FNKvision Y215 CCTV Camera passwd crypt weak hash

A security vulnerability has been detected in FNKvision Y215 CCTV Camera 10.194.120.40. This issue affects the function crypt of the file /etc/passwd. The manipulation leads to use of weak hash. The attack can only be performed from a local environment. The complexity of an attack is rather high. The exploitability is assessed as difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-FNKvision
Product-Y215 CCTV Camera
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CWE ID-CWE-328
Use of Weak Hash
CVE-2025-9382
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-5.4||MEDIUM
EPSS-0.01% / 0.98%
||
7 Day CHG~0.00%
Published-24 Aug, 2025 | 08:02
Updated-25 Aug, 2025 | 20:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FNKvision Y215 CCTV Camera Telnet Sevice s1_rf_test_config backdoor

A weakness has been identified in FNKvision Y215 CCTV Camera 10.194.120.40. This vulnerability affects unknown code of the file s1_rf_test_config of the component Telnet Sevice. Executing manipulation can lead to backdoor. The physical device can be targeted for the attack. This attack is characterized by high complexity. It is stated that the exploitability is difficult. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-FNKvision
Product-Y215 CCTV Camera
CWE ID-CWE-912
Hidden Functionality
CVE-2025-9381
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-1||LOW
EPSS-0.01% / 0.80%
||
7 Day CHG~0.00%
Published-24 Aug, 2025 | 07:32
Updated-25 Aug, 2025 | 20:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FNKvision Y215 CCTV Camera wpa_supplicant.conf information disclosure

A security flaw has been discovered in FNKvision Y215 CCTV Camera 10.194.120.40. This affects an unknown part of the file /tmp/wpa_supplicant.conf. Performing manipulation results in information disclosure. The attack may be carried out on the physical device. The attack's complexity is rated as high. It is indicated that the exploitability is difficult. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-FNKvision
Product-Y215 CCTV Camera
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-284
Improper Access Control
CVE-2025-9380
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-8.5||HIGH
EPSS-0.01% / 0.80%
||
7 Day CHG~0.00%
Published-24 Aug, 2025 | 07:02
Updated-25 Aug, 2025 | 20:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FNKvision Y215 CCTV Camera Firmware passwd hard-coded credentials

A vulnerability was identified in FNKvision Y215 CCTV Camera 10.194.120.40. Affected by this issue is some unknown functionality of the file /etc/passwd of the component Firmware. Such manipulation leads to hard-coded credentials. Local access is required to approach this attack. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-FNKvision
Product-Y215 CCTV Camera
CWE ID-CWE-259
Use of Hard-coded Password
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2025-7215
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-1||LOW
EPSS-0.01% / 0.30%
||
7 Day CHG~0.00%
Published-09 Jul, 2025 | 04:02
Updated-10 Jul, 2025 | 13:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FNKvision FNK-GU2 wpa_supplicant.conf cleartext storage

A vulnerability, which was classified as problematic, has been found in FNKvision FNK-GU2 up to 40.1.7. Affected by this issue is some unknown functionality of the file /rom/wpa_supplicant.conf. The manipulation leads to cleartext storage of sensitive information. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-FNKvision
Product-FNK-GU2
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2025-7214
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-1||LOW
EPSS-0.01% / 0.30%
||
7 Day CHG~0.00%
Published-09 Jul, 2025 | 03:32
Updated-10 Jul, 2025 | 13:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FNKvision FNK-GU2 MD5 shadow risky encryption

A vulnerability classified as problematic was found in FNKvision FNK-GU2 up to 40.1.7. Affected by this vulnerability is an unknown functionality of the file /etc/shadow of the component MD5. The manipulation leads to risky cryptographic algorithm. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-FNKvision
Product-FNK-GU2
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2025-7213
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-5.4||MEDIUM
EPSS-0.01% / 2.10%
||
7 Day CHG~0.00%
Published-09 Jul, 2025 | 03:02
Updated-10 Jul, 2025 | 13:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FNKvision FNK-GU2 UART Interface on-chip debug and test interface with improper access control

A vulnerability classified as critical has been found in FNKvision FNK-GU2 up to 40.1.7. Affected is an unknown function of the component UART Interface. The manipulation leads to on-chip debug and test interface with improper access control. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-FNKvision
Product-FNK-GU2
CWE ID-CWE-1191
On-Chip Debug and Test Interface With Improper Access Control