PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be disabled by the user.
History

Fri, 05 Sep 2025 19:15:00 +0000


Fri, 05 Sep 2025 18:00:00 +0000

Type Values Removed Values Added
Description PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be disabled by the user.
Title Pan-Tilt-Zoom cameras hard-coded default passwords with SSH and telnet enabled
Weaknesses CWE-798
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: cisa-cg

Published:

Updated: 2025-09-05T18:59:10.321Z

Reserved: 2025-04-15T20:57:14.282Z

Link: CVE-2025-35451

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2025-09-05T18:15:41.900

Modified: 2025-09-05T19:15:31.423

Link: CVE-2025-35451

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.