본문내용 바로가기 메인메뉴 바로가기 푸터 바로가기

Security Advisory

CVE-2021-26611 | HejHome IP Camera use of hared-coded credentials vulnerability2021.11.25
□ Overview
 o Goqual Co.,Ltd released security update to address use of hard-coded credentials vulnerability in HejHome GKW-IC052 IP Camera.
Vulnerability
Vulnerability Type Impact Severity CVSS Score CVE ID
Use of
hard-coded credenetials
remote command execution High 8.1 CVE-2021-26611

□ Description
 o HejHome GKW-IC052 IP Camera contained a hard-coded credentials vulnerability. This issue allows remote attackers to operate the IP Camera.(reboot, factory reset, snapshot etc..)

□ Affected Product
Affected Product
Product Version
HejHome GKW-IC052 2.9.5 ~ 2.9.7
4.0.4

□ Solution
 o Update firmware over 4.0.7 version or higher.

□ Reference
 [1] https://www.hej.life

□ Etc
 o Thanks to HyunGeun Jo for reporting this vulnerability.


□ 작성 : 침해사고분석단 취약점분석팀