Remenis/CVE-2025-67158

Releases0

Revotech I6032W-FHW IP camera firmware fails to validate authentication fields in API requests, allowing attackers to bypass authentication and retrieve administrative information.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-67158 ↗	Jan 2, 2026Friday, 2 January 2026, 17:16	7.5 HIGH	—
An authentication bypass in the /cgi-bin/jvsweb.cgi endpoint of Revotech I6032W-FHW v1.0.0014 - 20210517 allows attackers to access sensitive information and escalate privileges via a crafted HTTP request.