{"id":76053,"date":"2025-09-21T21:21:47","date_gmt":"2025-09-21T21:21:47","guid":{"rendered":""},"modified":"2025-11-02T02:09:44","modified_gmt":"2025-11-02T08:09:44","slug":"cve-2025-50777-incorrect-access-control-vulnerability-in-aziot-2mp-full-hd-smart-wi-fi-cctv-home-security-camera","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-50777-incorrect-access-control-vulnerability-in-aziot-2mp-full-hd-smart-wi-fi-cctv-home-security-camera\/","title":{"rendered":"CVE-2025-50777: Incorrect Access Control Vulnerability in AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

We will be discussing the security vulnerability CVE-2025-50777, which is found in the firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera, version V1.00.02. This vulnerability allows local attackers to gain root shell access due to an Incorrect Access Control vulnerability. Once accessed, the device exposes critical data<\/a> stored in plaintext, including Wi-Fi credentials and ONVIF service credentials. This potentially enables further compromise of the network and connected systems<\/a>. Given the widespread use of such cameras in surveillance, this vulnerability poses a significant risk to user<\/a> privacy and data security.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-50777
\nSeverity: High (7.8)
\nAttack Vector: Local
\nPrivileges Required: None
\nUser Interaction: None
\nImpact: Potential system<\/a> compromise, data leakage, and further compromise of network and connected systems<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n