CVE-2021-30168

CRITICAL | CVSS 9.8/10 | EPSS 2.13%

CVE-2021-30168 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. Sensitive information on the affected webcam devices is not properly protected: remote, unauthenticated attackers can obtain the administrator's credentials and take control of the devices. EPSS estimates a 2.13% chance of exploitation in the next 30 days.

Description

Sensitive information on the webcam device is not properly protected. Remote, unauthenticated attackers can obtain the administrator's credentials and take control of the devices.

Metrics

CVSS 3.1
9.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability
2.13%

79.7th percentile

Probability of exploitation in the next 30 days.

Weakness Enumeration

Affected Software

Vendor | Product | Versions
Meritlilin | P2r8852e2 Firmware | < 7.1.94.8908
Meritlilin | P2r8852e4 Firmware | < 7.1.94.8908
Meritlilin | P2r6852e2 Firmware | < 7.1.94.8908
Meritlilin | P2r6852e4 Firmware | < 7.1.94.8908
Meritlilin | P2r6552e2 Firmware | < 7.1.94.8908
Meritlilin | P2r6552e4 Firmware | < 7.1.94.8908
Meritlilin | P2r6352ae2 Firmware | < 7.1.94.8908
Meritlilin | P2r6352ae4 Firmware | < 7.1.94.8908
Meritlilin | P2r3052ae2 Firmware | < 7.1.94.8908
Meritlilin | P2g1052 Firmware | < 7.1.94.8908
Meritlilin | P2r8822e2 Firmware | < 7.1.94.8908
Meritlilin | P2r8822e4 Firmware | < 7.1.94.8908
Meritlilin | P2r6822e2 Firmware | < 7.1.94.8908
Meritlilin | P2r6822e4 Firmware | < 7.1.94.8908
Meritlilin | P2r6522e2 Firmware | < 7.1.94.8908
Meritlilin | P2r6522e4 Firmware | < 7.1.94.8908
Meritlilin | P2r6322ae2 Firmware | < 7.1.94.8908
Meritlilin | P2r6322ae4 Firmware | < 7.1.94.8908
Meritlilin | P2r3022ae2 Firmware | < 7.1.94.8908
Meritlilin | P2g1022 Firmware | < 7.1.94.8908
Meritlilin | P2g1022x Firmware | < 7.1.94.8908
Meritlilin | Z2r8852ax Firmware | < 7.1.94.8908
Meritlilin | Z2r8152x-P Firmware | < 7.1.94.8908
Meritlilin | Z2r8152x2-P Firmware | < 7.1.94.8908
Meritlilin | Z2r8052ex25 Firmware | < 7.1.94.8908
Meritlilin | Z2r6552x Firmware | < 7.1.94.8908
Meritlilin | Z2r6452ax Firmware | < 7.1.94.8908
Meritlilin | Z2r6452ax-P Firmware | < 7.1.94.8908
Meritlilin | Z2r8822ax Firmware | < 7.1.94.8908
Meritlilin | Z2r8122x-P Firmware | < 7.1.94.8908
Meritlilin | Z2r8122x2-P Firmware | < 7.1.94.8908
Meritlilin | Z2r8022ex25 Firmware | < 7.1.94.8908
Meritlilin | Z2r6522x Firmware | < 7.1.94.8908
Meritlilin | Z2r6422ax Firmware | < 7.1.94.8908
Meritlilin | Z2r6422ax-P Firmware | < 7.1.94.8908
Meritlilin | P3r6322e2 Firmware | < 7.1.94.8908
Meritlilin | P3r6522e2 Firmware | < 7.1.94.8908
Meritlilin | P3r8822e2 Firmware | < 7.1.94.8908
Meritlilin | Z3r6422x3 Firmware | < 7.1.94.8908
Meritlilin | Z3r6522x Firmware | < 7.1.94.8908
Meritlilin | Z3r8922x3 Firmware | < 7.1.94.8908

References

Timeline

Published
Last Modified
Status: Modified

Frequently Asked Questions

What is CVE-2021-30168?
Sensitive information on the webcam device is not properly protected. Remote, unauthenticated attackers can obtain the administrator's credentials and take control of the devices.
How severe is CVE-2021-30168?
CVE-2021-30168 has a CVSS score of 9.8/10 (CRITICAL severity). The EPSS model estimates a 2.13% probability of exploitation in the next 30 days.
How do I fix CVE-2021-30168?
Check the vendor references and advisories linked above for patched versions and mitigation guidance.

Source: NVD / NIST