COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2026-58453

CVE-2026-58453

Severity
critical
Source
NVD · cve
Published
2026-07-01
CVSS
9.8
Reference
https://nvd.nist.gov/vuln/detail/CVE-2026-58453
⚡ RCE shame 50/100 rce

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a hard-coded credentials vulnerability that allows network-adjacent attackers to gain unauthorized access by using the default admin username with an empty password accepted by the anyka_ipc HTTP service

Description

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a hard-coded credentials vulnerability that allows network-adjacent attackers to gain unauthorized access by using the default admin username with an empty password accepted by the anyka_ipc HTTP service on port 80. Attackers can authenticate with these hardcoded credentials to access camera snapshots, video streams, network configuration, and factory-level API endpoints including the SetMAC command injection surface.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.