CVE-2021-3787

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2021-3787
A vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with local access to obtain the MQTT credentials that could result in unauthorized access to backend Hubble services.

7.8 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.6 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://binatoneglobal.com/security-advisory/ Vendor Advisory
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:binatoneglobal:halo\+_camera_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:halo\+_camera:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:binatoneglobal:comfort_85_connect_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:comfort_85_connect:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:binatoneglobal:mbp3855_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:mbp3855:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:focus_68:v100:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:focus_68:v200:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:focus_72r:v100:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:focus_72r:v200:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:binatoneglobal:cn28_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:cn28:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:binatoneglobal:cn50_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:cn50:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:binatoneglobal:comfort_40_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:comfort_40:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:binatoneglobal:comfort_50_connect_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:comfort_50_connect:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:binatoneglobal:mbp4855_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:mbp4855:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:binatoneglobal:mbp3667_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:mbp3667:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:binatoneglobal:mbp669_connect_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:mbp669_connect:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:binatoneglobal:lux_64_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:lux_64:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:binatoneglobal:lux_65_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:lux_65:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:binatoneglobal:connect_view_65_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:connect_view_65:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:binatoneglobal:lux_85_connect_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:lux_85_connect:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:binatoneglobal:ease44_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:ease44:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:binatoneglobal:connect_20_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:connect_20:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:binatoneglobal:mbp6855_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:mbp6855:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:binatoneglobal:cn40_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:cn40:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:binatoneglobal:cn75_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:binatoneglobal:cn75:-:*:*:*:*:*:*:*
Information

Published : 2021-11-12 14:15

Updated : 2022-10-27 09:42

NVD link : CVE-2021-3787

Mitre link : CVE-2021-3787

JSON object : View

CWE
NVD-CWE-noinfo
Advertisement

dedicated server usa
Products Affected

binatoneglobal

  • focus_68_firmware
  • connect_20
  • cn40_firmware
  • lux_64_firmware
  • focus_72r
  • mbp4855_firmware
  • mbp3667
  • cn75
  • cn50
  • comfort_85_connect_firmware
  • comfort_85_connect
  • cn50_firmware
  • mbp669_connect_firmware
  • connect_20_firmware
  • cn28_firmware
  • cn40
  • mbp3855
  • focus_72r_firmware
  • lux_65_firmware
  • comfort_40_firmware
  • connect_view_65
  • halo\+_camera
  • mbp6855_firmware
  • comfort_40
  • connect_view_65_firmware
  • lux_65
  • focus_68
  • lux_64
  • lux_85_connect
  • comfort_50_connect_firmware
  • mbp6855
  • cn75_firmware
  • mbp4855
  • mbp3667_firmware
  • mbp669_connect
  • comfort_50_connect
  • ease44_firmware
  • ease44
  • halo\+_camera_firmware
  • mbp3855_firmware
  • cn28
  • lux_85_connect_firmware