Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2026-58453— JAIOTlink C492A-W6 4.8.30.57701411 Hard-coded Credentials via anyka_ipc

CVSS 9.8 · Critical EPSS 1.69% · P74

Affected Version Matrix 1

VendorProductVersion RangeStatus
JAIOTlinkC492A-W6 Wi-Fi IP Camera4.8.30.57701411affected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-58453

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
JAIOTlink C492A-W6 4.8.30.57701411 Hard-coded Credentials via anyka_ipc
Source: NVD (National Vulnerability Database)
Vulnerability Description
JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a hard-coded credentials vulnerability that allows network-adjacent attackers to gain unauthorized access by using the default admin username with an empty password accepted by the anyka_ipc HTTP service on port 80. Attackers can authenticate with these hardcoded credentials to access camera snapshots, video streams, network configuration, and factory-level API endpoints including the SetMAC command injection surface.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
CWE-1392
Source: NVD (National Vulnerability Database)
Vulnerability Title
JAIOTlink C492A-W6 Wi-Fi IP Camera 信任管理问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
JAIOTlink C492A-W6 Wi-Fi IP Camera是JAIOTlink公司的一款Wi-Fi网络摄像机。 JAIOTlink C492A-W6 Wi-Fi IP Camera 4.8.30.57701411版本存在信任管理问题漏洞,该漏洞源于包含硬编码凭据,允许网络邻近的攻击者使用默认管理员用户名和空密码获取未经授权的访问。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
JAIOTlinkC492A-W6 Wi-Fi IP Camera 4.8.30.57701411 -

II. Public POCs for CVE-2026-58453

#POC DescriptionSource LinkShenlong Link
AI-Generated POCVerified env Premium
Qwen3.6-35B-A3B · 8215 chars
Pro+ exclusive includes:
Vulnerability reproduction recording (real sandbox build + trigger, exclusive)
In-depth vulnerability mechanism
Trigger conditions & impact
Full executable POC code
Exploit chain & mitigation
POC zip download
100+ AI POC generations per month

III. Intelligence Information for CVE-2026-58453

登录查看更多情报信息。

Vendor Advisories for CVE-2026-58453 (1)

Security Blog Posts for CVE-2026-58453 (1)

Vendor Pages for CVE-2026-58453 (1)

Same Patch Batch · JAIOTlink · 2026-07-01 · 3 CVEs total

CVE-2026-584528.8 HIGHJAIOTlink C492A-W6 4.8.30.57701411 OS Command Injection via SetMAC Endpoint
CVE-2026-584547.5 HIGHJAIOTlink C492A-W6 4.8.30.57701411 RCE via /Anyka/config Endpoint

IV. Related Vulnerabilities

V. Comments for CVE-2026-58453

No comments yet


Leave a comment