CVE-2025-9381 LOW

CVE-2025-9381: FNKvision Y215 CCTV Camera wpa_supplicant.conf information disclosure

Vendor Fnkvision

Product Y215 CCTV Camera

Weakness CWE-200 · Info exposure

Published August 24, 2025

Last update August 25, 2025

View on NVD All CVEs

CVSS base score

1.0/10

Attack vector Physical

Attack complexity High

Privileges required High

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

What the vulnerability does

01Description

A security flaw has been discovered in FNKvision Y215 CCTV Camera 10.194.120.40. This affects an unknown part of the file /tmp/wpa_supplicant.conf. Performing manipulation results in information disclosure. The attack may be carried out on the physical device. The attack's complexity is rated as high. It is indicated that the exploitability is difficult. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Key dates

02Disclosure timeline

August 24, 2025 CVE published

August 25, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-9381 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/200.html

Related vulnerabilities

CVE-2025-9381: FNKvision Y215 CCTV Camera wpa_supplicant.conf information disclosure

01Description

02Disclosure timeline

03References

04Related CVE