CVE-2026-5386— KMW CCTV Security Cameras Unverified Password Change

CVSS 9.1 · Critical EPSS 0.05% · P16 Updated May 30, 2026

Possible ATT&CK Techniques 1AI

Affected Version Matrix 2

Vendor	Product	Version Range	Status
KMW	KM-IP421	`4.04.53.210416`	affected
KMW	KM-IP521	`4.04.91.230307`	affected

Get alerts for future matching vulnerabilitiesLog in to subscribe

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

KMW CCTV Security Cameras Unverified Password Change

Source: NVD (National Vulnerability Database)

Vulnerability Description

The affected KMW CCTV Security Cameras are vulnerable to a critical unauthenticated password reset. This flaw allows an attacker to remotely reset the administrator password to a known value without authentication, granting full access to the camera feeds and settings.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

未经验证的口令修改

Source: NVD (National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
KMW	KM-IP521	4.04.91.230307	-
KMW	KM-IP421	4.04.53.210416	-

II. Public POCs for CVE-2026-5386

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-5386

请登录查看更多情报信息。

Vendor Advisories for CVE-2026-5386 (2)

Other References for CVE-2026-5386 (1)

https://main.kmw.ro/pub/Firmware/521_421.zip

https://nvd.nist.gov/vuln/detail/CVE-2026-5386

IV. Related Vulnerabilities

Same weakness: CWE-620

V. Comments for CVE-2026-5386

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-5386— KMW CCTV Security Cameras Unverified Password Change

Possible ATT&CK Techniques 1AI

Affected Version Matrix 2

I. Basic Information for CVE-2026-5386

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-5386

III. Intelligence Information for CVE-2026-5386

Vendor Advisories for CVE-2026-5386 (2)

Other References for CVE-2026-5386 (1)

IV. Related Vulnerabilities

V. Comments for CVE-2026-5386

Leave a comment