CVE-2024-2161— Use of Hard-coded Credentials in Kiloview NDI N series products API middleware
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-2161
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Use of Hard-coded Credentials in Kiloview NDI N series products API middleware
Source: NVD (National Vulnerability Database)
Vulnerability Description
Use of Hard-coded Credentials in Kiloview NDI allows un-authenticated users to bypass authenticationThis issue affects Kiloview NDI N3, N3-s, N4, N20, N30, N40 and was fixed in Firmware version 2.02.0227 .
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用硬编码的凭证
Source: NVD (National Vulnerability Database)
Vulnerability Title
Kiloview NDI多个产品安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Kiloview NDI N4和Kiloview NDI N3都是中国千视(Kiloview)的产品。Kiloview NDI N4是一款多通道的NDI视频编码器。Kiloview NDI N3是一款紧凑型的NDI视频编码器。 Kiloview NDI多个产品存在安全漏洞,该漏洞源于使用硬编码凭据,允许未经身份验证的用户绕过身份验证。以下产品和版本受到影响:Kiloview NDI N3、N4、N20、N30、N40 2.02.0227之前版本
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
II. Public POCs for CVE-2024-2161
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-2161
请登录查看更多情报信息。
- https://www.kiloview.com/en/support/download/n40/release-notes
- https://www.kiloview.com/en/support/download/1779/release-notes
- https://nvd.nist.gov/vuln/detail/CVE-2024-2161
IV. Related Vulnerabilities
Same vendor: Kiloview
- CVE-2026-1453
Missing Authentication for Critical Function in KiloView Enc - CVE-2025-8915
Hardcoded TLS private key in Kiloview N30 firmware - CVE-2025-9265
API Authentication Bypass via Header Spoofing vulnerability - CVE-2023-41928
Remote server offers deprecated TLS protocol in Kiloview P1/ - CVE-2023-41927
Weak TLS Cipher Suites Supported in Kiloview P1/P2 devices
Same weakness: CWE-798
- CVE-2026-7414
Hardcoded credentials in Yarbo robot firmware - CVE-2026-8032
PicoTronica e-Clinic Healthcare System ECHS echs.js hard-cod - CVE-2026-32834
Easy PayPal Events & Tickets 1.3 Authentication Bypass via Q - CVE-2026-42376
D-Link DIR-456U A1 Hardcoded Telnet Backdoor Credentials - CVE-2026-42375
D-Link DIR-600L A1 Hardcoded Telnet Backdoor Credentials
V. Comments for CVE-2024-2161
No comments yet