216.73.217.64

CVE-2025-65857

· Published 22/12/2025 22:16 · Modified 23/12/2025 14:51

Labels: CVE-2025-65857 2025-12-22CVE-2025-65857[email protected]

Essential information

Published
22/12/2025 22:16
Modified
23/12/2025 14:51
Author
Creator
CVSS
7.5 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS metrics

Description

An issue was discovered in Xiongmai XM530 IP cameras on firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06. The GetStreamUri exposes RTSP URIs containing hardcoded credentials enabling direct unauthorized video stream access.

NVD status

Status
Undergoing Analysis — CVE is currently being analyzed by NVD staff, this process results in association of reference link tags, CVSS scores, CWE association, and CPE applicability statements.
Source
[email protected]
NVD
View on NVD

References