CVE-2025-9382 – FNKvision Y215 CCTV Camera Telnet Service Backdoor Vulnerability

August 24, 2025

CVE ID : CVE-2025-9382

Published : Aug. 24, 2025, 8:15 a.m. | 16 hours, 43 minutes ago

Description : A weakness has been identified in FNKvision Y215 CCTV Camera 10.194.120.40. This vulnerability affects unknown code of the file s1_rf_test_config of the component Telnet Sevice. Executing manipulation can lead to backdoor. The physical device can be targeted for the attack. This attack is characterized by high complexity. It is stated that the exploitability is difficult. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-9383 – FNKvision Y215 CCTV Camera Weak Hash Local Privilege Escalation Vulnerability

Next Article CVE-2025-9381 – FNKvision Y215 CCTV Camera File Disclosure Vulnerability

Highlights

CVE-2022-50218 – Linux Kernel IIO Light Driver Null Pointer Dereference Vulnerability

June 18, 2025

CVE ID : CVE-2022-50218

Published : June 18, 2025, 11:15 a.m. | 3 hours, 16 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

iio: light: isl29028: Fix the warning in isl29028_remove()

The driver use the non-managed form of the register function in
isl29028_remove(). To keep the release order as mirroring the ordering
in probe, the driver should use non-managed form in probe, too.

The following log reveals it:

[ 32.374955] isl29028 0-0010: remove
[ 32.376861] general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] PREEMPT SMP KASAN PTI
[ 32.377676] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]
[ 32.379432] RIP: 0010:kernfs_find_and_get_ns+0x28/0xe0
[ 32.385461] Call Trace:
[ 32.385807] sysfs_unmerge_group+0x59/0x110
[ 32.386110] dpm_sysfs_remove+0x58/0xc0
[ 32.386391] device_del+0x296/0xe50
[ 32.386959] cdev_device_del+0x1d/0xd0
[ 32.387231] devm_iio_device_unreg+0x27/0xb0
[ 32.387542] devres_release_group+0x319/0x3d0
[ 32.388162] i2c_device_remove+0x93/0x1f0

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Critical Flaws Found in Siemens SINEC NMS: Privilege Escalation and Remote Code Execution Risks

July 9, 2025

This AI Paper Introduces PARSCALE (Parallel Scaling): A Parallel Computation Method for Efficient and Scalable Language Model Deployment

May 21, 2025

My top 6 browsers after trying nearly every one (spoiler: none are Chrome)

May 10, 2025

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

Google Pixel 10 Pro vs. iPhone 16 Pro: I’ve used both handsets, and there’s a clear winner

Master these 48 Windows keyboard shortcuts and finish work early

Why the Pixel 10 is making this longtime iPhone user reconsider their next phone

Google Pixel 10 Pro Fold vs. Samsung Galaxy Z Fold 7: I compared both Androids, and here’s the winner

PERFIXION 2025: Powering AI Ideas

PERFIXION 2025: Powering AI Ideas

MongoDB Data Types

Building Cross-Platform Alerts with Laravel’s Notification Framework

Gears of War returns, Helldivers 2 jumps ship, and Xbox players win big — Xbox’s Aug 25–31 lineup proves the console war is getting interesting again

Gears of War returns, Helldivers 2 jumps ship, and Xbox players win big — Xbox’s Aug 25–31 lineup proves the console war is getting interesting again

Reports say Windows 11 update is bricking drives — is yours on the list?

Razer finally remembered I don’t live in China, so now we can all get this cool Gengar gaming headset

CVE-2025-9382 – FNKvision Y215 CCTV Camera Telnet Service Backdoor Vulnerability

Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot

CVE-2025-8208 – Spexo Addons for Elementor WordPress Stored Cross-Site Scripting

Why top SOC teams are shifting to Network Detection and Response

Preparing for the Unthinkable: Safeguarding People and Productivity During India-Pakistan Conflicts

Design Systems in 2025: Why They’re the Blueprint for Consistent UX

CVE-2025-4992 – “Service Process Engineer XSS Vulnerability”

CVE-2022-50218 – Linux Kernel IIO Light Driver Null Pointer Dereference Vulnerability

Critical Flaws Found in Siemens SINEC NMS: Privilege Escalation and Remote Code Execution Risks

This AI Paper Introduces PARSCALE (Parallel Scaling): A Parallel Computation Method for Efficient and Scalable Language Model Deployment

My top 6 browsers after trying nearly every one (spoiler: none are Chrome)

CVE-2025-9382 – FNKvision Y215 CCTV Camera Telnet Service Backdoor Vulnerability

Related Posts