CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-65856

Authentication bypass vulnerability in Xiongmai XM530 IP cameras on Firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06 allows unauthenticated remote attackers to access sensitive device information and live video streams. The ONVIF implementation fails to enforce authentication on 31 critical endpoints, enabling direct unauthorized video stream access.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.019

EPSS Ranking 82.6%

CVSS Severity

CVSS v3 Score 9.8

References

http://hangzhou.com
http://ip.com
https://luismirandaacebedo.github.io/CVE-2025-65856/

Products affected by CVE-2025-65856

Xiongmaitech » Xm530v200 X6-Weq 8m » Version: N/A

cpe:2.3:h:xiongmaitech:xm530v200_x6-weq_8m:-
Xiongmaitech » Xm530v200 X6-Weq 8m Firmware » Version: 5.00.r02.000807d8.10010.346624.s.onvif_21.06

cpe:2.3:o:xiongmaitech:xm530v200_x6-weq_8m_firmware:5.00.r02.000807d8.10010.346624.s.onvif_21.06

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-65856

Products

Pricing

Contact Us