Khalil Shreateh specializes in cybersecurity, particularly as a "white hat" hacker. He focuses on identifying and reporting security vulnerabilities in software and online platforms, with notable expertise in web application security. His most prominent work includes discovering a critical flaw in Facebook's system in 2013. Additionally, he develops free social media tools and browser extensions, contributing to digital security and user accessibility.

The Revotech I6032W-FHW IP Camera is susceptible to an authentication bypass vulnerability (CVE-2021-46422).

This flaw allows unauthenticated remote attackers to gain administrative access to the device. Exploitation typically involves sending a crafted HTTP request to specific endpoints, such as `/cgi-bin/rpc`, where the device fails to properly validate credentials. The weakness can take the form of accepting blank or default passwords, or of skipping the credential check entirely.

Successful exploitation grants full control over the camera, enabling attackers to view live feeds, alter settings, and potentially pivot to other network resources. Users are advised to check for and apply any available firmware updates. If no patch exists, restricting network exposure of the camera is crucial.

# CVE-2025-67158: Revotech I6032W-FHW

## Summary
The Revotech I6032W-FHW IP camera firmware contains an **authentication bypass vulnerability**
in the `/cgi-bin/jvsweb.cgi` endpoint. The device does not validate the `user.name` and
`user.digest` fields included in JSON-based API requests, allowing unauthenticated attackers
to invoke administrative methods and retrieve sensitive information.

**Vulnerability type:** Incorrect Access Control / Improper Authentication

**Impact:** Remote Information Disclosure, Privilege Escalation

**CVSS v3.1:** 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

---

## Affected Devices (Observed)
| Brand | Model | Firmware Version | Platform / Notes |
|----------|--------------|-------------------------|------------------|
| Revotech | I6032W-FHW | V1.0.0014 (2021-05-17) | Jovision-based firmware (FH8852-SW-2053-WU-F3, UI V2.0) |

---

## Proof-of-Concept Disclosure Notice
Reproduction details and raw evidence (PoC requests, PCAPs, and device responses) are withheld
from public disclosure due to the high risk of abuse. Authorized parties (vendors, CERTs, CNAs)
may request additional technical details after verification.

---

## Additional Observations
- The `/cgi-bin/jvsweb.cgi` endpoint accepts JSON-formatted commands without enforcing
authentication checks.
- Administrative API methods such as `account_get_users` can be executed using arbitrary
`user.name` and `user.digest` values.
- Identical administrative responses are returned regardless of credential validity,
demonstrating that authentication is not enforced server-side.

---

## Impact
- Unauthenticated attackers can access administrative API functionality.
- Sensitive user and account information can be disclosed remotely.
- The vulnerability enables privilege escalation without valid credentials.
- The issue may be leveraged as a building block for further device compromise.

---

## Mitigation / Recommendations
1. Enforce strict server-side validation of authentication fields for all API requests.
2. Reject any request with invalid or missing authentication data.
3. Require a verified session before allowing access to administrative API methods.
4. Apply firmware updates provided by the vendor when available.
5. Restrict network access to the device management interface.
6. Monitor and log abnormal or repeated access attempts to `/cgi-bin/jvsweb.cgi`.
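As an added illustration (not code from this advisory, the vendor, or the Jovision firmware), the Python below contrasts a request dispatcher that behaves as described under Additional Observations, parsing `user.name` and `user.digest` but never checking them, with one that applies recommendations 1 to 3. The credential store, the hex SHA-256 digest scheme, the nested `{"user": {"name", "digest"}}` JSON layout and the `session_ok` flag are all assumptions; the real API format is not on this page.

```python
import hashlib
import hmac
import json

# Constructed credential store. The device's real store and digest scheme are
# not public; this example assumes user.digest is hex SHA-256 of the password
# and that the JSON carries it as {"user": {"name": ..., "digest": ...}}.
ADMIN_DIGEST = hashlib.sha256(b"correct horse battery").hexdigest()
USERS = {"admin": ADMIN_DIGEST}
ADMIN_METHODS = {"account_get_users"}

def make_request(method: str, name: str, digest: str) -> str:
    """Builds a request body in the assumed JSON shape."""
    return json.dumps({"method": method, "user": {"name": name, "digest": digest}})

def vulnerable_dispatch(raw: str) -> dict:
    """Mirrors the reported flaw: credentials are parsed but never checked."""
    req = json.loads(raw)
    if req.get("method") in ADMIN_METHODS:
        return {"result": 0, "users": sorted(USERS)}
    return {"result": -1, "error": "unknown method"}

def verify_digest(user: dict) -> bool:
    """Server-side credential check; any missing or malformed field fails."""
    name, digest = user.get("name"), user.get("digest")
    if not isinstance(name, str) or not isinstance(digest, str):
        return False
    expected = USERS.get(name)
    if expected is None:
        return False
    # Constant-time compare on bytes: no prefix leak, and no TypeError from
    # hmac.compare_digest on non-ASCII str input.
    return hmac.compare_digest(expected.encode(), digest.lower().encode())

def hardened_dispatch(raw: str, session_ok: bool = False) -> dict:
    """Rejects unverified credentials; admin methods also need a session."""
    try:
        req = json.loads(raw)
    except ValueError:
        return {"result": -1, "error": "malformed request"}
    user = req.get("user") if isinstance(req, dict) else None
    if not isinstance(user, dict) or not verify_digest(user):
        return {"result": -1, "error": "authentication failed"}
    if req.get("method") in ADMIN_METHODS:
        if not session_ok:
            return {"result": -1, "error": "session required"}
        return {"result": 0, "users": sorted(USERS)}
    return {"result": -1, "error": "unknown method"}
```

The same bogus digest that `vulnerable_dispatch` answers with the full user list is refused by `hardened_dispatch`, which is the server-side behaviour the observations say is missing.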

---

## References
- [NVD Entry](https://nvd.nist.gov/vuln/detail/CVE-2025-67158)
- [CVE.org Entry](https://www.cve.org/CVERecord?id=CVE-2025-67158)
