CVE-2025-6528 – “70mai M300 RTSP Live Video Stream Endpoint Improper Authentication Local Network Vulnerability”

June 23, 2025

CVE ID : CVE-2025-6528

Published : June 23, 2025, 11:15 p.m. | 2 hours, 46 minutes ago

Description : A vulnerability has been found in 70mai M300 up to 20250611 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /livestream/12 of the component RTSP Live Video Stream Endpoint. The manipulation leads to improper authentication. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6530 – “70mai M300 Telnet Service Denial of Service Vulnerability”

Next Article CVE-2025-6529 – “70mai M300 Telnet Service Default Credentials Disclosure”

Agent Mode for Gemini added to Android Studio

Google’s Agent2Agent protocol finds new home at the Linux Foundation

Decoding The SVG path Element: Curve And Arc Commands

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

Where to buy a Meta Quest 3S Xbox Edition — and why it’s a better bargain than the “normal” Meta Quest 3S

Vite 7.0 Is Out

Vite 7.0 Is Out

Exploring JavaScript ES2025 Edition

Mastering Mixed DML Operations in Apex

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

CVE-2025-6528 – “70mai M300 RTSP Live Video Stream Endpoint Improper Authentication Local Network Vulnerability”

Rogue WordPress Plugin Unmasked: Stealthy Malware Skims Credit Cards & Steals Credentials

Urgent Advantech Alert: Critical Flaws (CVSS 9.6) Expose Industrial Automation to Remote Takeover, PoC Releases

Laravel Wayfinder Public Beta

CVE-2025-4382 – GRUB TPM Auto- decryption Data Exposure

CVE-2025-4128 – Mattermost Guest User API Team Information Disclosure

CVE-2025-45820 – Slims Senayan Library Management Systems SQL Injection Vulnerability

Microsoft mystery folder fix might need a fix of its own

6 Best Free and Open Source Linux Project Management Software

laravelcm/laravel-subscriptions

CVE-2025-5255 – Apple macOS Phoenix Code Dynamic Library Injection Vulnerability

CVE-2025-6528 – “70mai M300 RTSP Live Video Stream Endpoint Improper Authentication Local Network Vulnerability”

Related Posts