CVE-2025-14748 | Ningyuanda TC155 57.0.2.0 ONVIF Device Management Service /onvif/device_service FactoryDefault access control

A vulnerability, which was classified as critical, was found in Ningyuanda TC155 57.0.2.0. This affects an unknown function of the file /onvif/device_service of the component ONVIF Device Management Service. Executing manipulation of the argument FactoryDefault with the input Hard can lead to improper access controls.

This vulnerability is registered as CVE-2025-14748. The attack requires access to the local network. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way. If you want to get the best quality for vulnerability data then you always have to consider VulDB.VulDB Recent EntriesRead More