LiveActive security incident?Get immediate response
CVE Record

CVE-2020-36873: Astak CM-818T3 Unauthenticated Configuration Disclosure

Astak CM-818T3 2.4GHz wireless security surveillance cameras contain an unauthenticated configuration disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint permits remote download of a compressed configuration backup without requiring authentication or authorization. The exposed backup may include administrative credentials and other sensitive device settings, enabling an unauthenticated remote attacker to obtain information that could facilitate further compromise of the camera or connected network.

HighCVSS 8.7Not KEV-listedUpdated
Glexia's TakeAutomated analysishigh

Security readout for executives and security teams

Plain-English summary

CVE-2020-36873 is an unauthenticated configuration disclosure issue in Astak CM-818T3 2.4GHz wireless security surveillance cameras. A remote attacker who can reach the vulnerable camera management endpoint may be able to download a compressed configuration backup that can contain administrator credentials and sensitive device settings.

Executive priority

Treat as a high-priority remediation item for any exposed Astak CM-818T3 cameras because the issue can disclose administrative credentials without authentication. Immediate priority should be reducing network exposure and verifying vendor remediation availability.

Technical view

The source bundle describes an authentication/authorization bypass affecting the Astak CM-818T3 camera backup functionality. The vulnerable backup CGI endpoint can disclose the device configuration without requiring login. The reported CVSS v4.0 score is 8.7, with network attack vector, low complexity, no privileges, no user interaction, and high impact to confidentiality. The listed CWE is CWE-306: Missing Authentication for Critical Function.

Likely exposure

Risk is highest for Astak CM-818T3 cameras with their web management interface reachable from the internet or untrusted networks. Internal-only cameras are still exposed to attackers with network access. The source bundle lists affected version "0" and default affected status as unknown, so asset validation should focus on confirmed device model and management interface exposure rather than assuming broader product impact.

Exploitation context

The bundle includes a Packet Storm reference tagged as exploit and a VulnCheck advisory, indicating public exploit information exists. KEV is false in the supplied data, and the bundle does not state active exploitation in the wild, so active exploitation is not confirmed from these sources.

Researcher notes

Do not infer impact beyond the Astak CM-818T3 2.4GHz Wireless Security Surveillance Camera described in the source bundle. The bundle does not provide confirmed fixed versions or vendor patch details. CVE metadata shows publication on 2025-11-26 and update on 2025-11-28 despite the CVE identifier year being 2020.

Mitigation direction

  • Check Astak or other authoritative vendor guidance for firmware updates, configuration changes, or product support status; the supplied bundle does not include patch evidence.
  • Remove affected camera management interfaces from direct internet exposure.
  • Restrict access to trusted administrative networks using firewall rules, VPN, or equivalent network controls.
  • Rotate camera administrator credentials and any other credentials or secrets that may have been stored in exposed configuration backups.
  • Review camera configuration for unauthorized changes if exposure is suspected.
  • Consider replacing or decommissioning affected devices if no supported vendor fix is available.

Validation and detection

  • Inventory cameras and confirm whether any Astak CM-818T3 devices are present.
  • Determine whether the camera web management interface is reachable from the internet or other untrusted networks.
  • Confirm that configuration backup functionality is either patched, requires authentication, or is blocked by network controls.
  • Review credential stores and downstream systems for passwords or secrets that may have been reused from affected camera configurations.
  • Document findings, exposure status, mitigations applied, and any remaining vendor guidance gaps.
Prepared
Confidence
medium
Sources
4

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cwe · medium confidence lookup

CWE-306: Credential and account abuse lookup

Authentication and credential weaknesses can make valid-account abuse and credential telemetry useful review starting points. Open the exact CWE lookup page first, then review the ATT&CK searches from that MITRE weakness context. This is a Glexia lookup hint, not an official ATT&CK mapping.

Open ATT&CK lookup
cve · low confidence lookup

CVE-2020-36873 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
High
CVSS
8.7 (4.0)
Known Exploited
No
Published

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

1CVSS vectors
0Timeline events
0ADP providers
3Source links

CVSS vector scores

1 official score

We collect every scored CVSS vector available in the official CNA and ADP containers. When more than one version is present, the table keeps the source vectors side by side instead of collapsing them into the highest score.

ScoreVersionSeverityVectorExploitImpactSource
8.7CVSS 4.0HighCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:NPrimary CVE score

Vulnerability scoring details

Base CVSS 4.0 score

8.7High
CVSS 4.0 vector shape for CVE-2020-36873Attack VectorAttack ComplexityAttack RequirementsPrivileges RequiredUser InteractionVS ConfidentialityVS IntegrityVS AvailabilitySS ConfidentialitySS IntegritySS Availability

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Attack Vector
NetworkAdjacentLocalPhysical
Attack Complexity
LowHigh
Attack Requirements
NonePresent
Privileges Required
NoneLowHigh
User Interaction
NonePassiveActive
VS Confidentiality
HighLowNone
VS Integrity
HighLowNone
VS Availability
HighLowNone
SS Confidentiality
HighLowNone
SS Integrity
HighLowNone
SS Availability
HighLowNone
Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
AstakCM-818T3 2.4GHz Wireless Security Surveillance Camera0unknown
Weakness

CWE details

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.

CWE-306 · source CWE mapping

Missing Authentication for Critical Function

Missing Authentication for Critical Function represents a recurring weakness pattern that can create exploitable paths when design, validation, or implementation controls are missing.