Description

Denver SHO-110 IP cameras expose a secondary HTTP service on TCP port 8001 that provides access to a '/snapshot' endpoint without authentication. While the primary web interface on port 80 enforces authentication, the backdoor service allows any remote attacker to retrieve image snapshots by directly requesting the 'snapshot' endpoint. An attacker can repeatedly collect snapshots and reconstruct the camera stream, compromising the confidentiality of the monitored environment.

INFO

Published Date :

2025-11-14T22:53:04.754Z

Last Modified :

2025-11-16T13:06:32.465Z

Source :

VulnCheck
AFFECTED PRODUCTS

The following products are affected by CVE-2021-4469 vulnerability.

Vendors Products
Denver
  • I
  • Sho-110
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2021-4469.

URL Resource
http://old.denver.eu/products/smart-home-security/denver-sho-110/c-1024/c-1243/p-3826 cve-icon cve-icon
https://www.exploit-db.com/exploits/50162 cve-icon cve-icon
https://www.vulncheck.com/advisories/denver-sho-110-ip-camera-unauthenticated-snapshot-access cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability