Login Sign Up

CVE-2023-33741

7.5 HIGH

📋 TL;DR

The Macrovideo v380pro security camera firmware v1.4.97 exposes device credentials when sharing camera access. This allows unauthorized users to obtain the device ID and password, potentially compromising the camera feed and device control. All users of this specific firmware version are affected.

💻 Affected Systems

Products:
  • Macrovideo v380pro security camera
Versions: v1.4.97
Operating Systems: Embedded camera firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects devices using the vulnerable firmware version. The vulnerability occurs specifically during the device sharing feature.

📦 What is this software?

V380 Pro by Macro Video

View all CVEs affecting V380 Pro →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers gain full control of security cameras, access live feeds, manipulate recordings, disable security monitoring, or pivot to internal networks if cameras are on corporate networks.

🟠

Likely Case

Unauthorized access to live camera feeds and recorded footage, potentially exposing sensitive visual information from homes or businesses.

🟢

If Mitigated

Limited impact if cameras are isolated on separate networks without internet access and strong network segmentation is in place.

🌐 Internet-Facing: HIGH - Devices exposed to the internet can have credentials harvested by any attacker, leading to complete compromise.
🏢 Internal Only: MEDIUM - Internal attackers or malware could still exploit this if they gain network access to the camera traffic.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires intercepting network traffic during device sharing or accessing shared device information. The GitHub reference shows detailed analysis of the vulnerability.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None known

Restart Required: No

Instructions:

No official patch available. Contact Macrovideo support for firmware updates or replacement options.

🔧 Temporary Workarounds

Disable Device Sharing

all

Completely disable the device sharing feature to prevent credential exposure

Network Isolation

all

Place cameras on isolated VLAN without internet access

🧯 If You Can't Patch

  • Replace affected cameras with different models or brands
  • Implement strict network segmentation and firewall rules to block all camera internet access

🔍 How to Verify

Check if Vulnerable:

Check camera firmware version in device settings. If version is 1.4.97, device is vulnerable.

Check Version:

Check via camera web interface or mobile app settings

Verify Fix Applied:

Monitor network traffic during device sharing to ensure credentials are not transmitted in clear text

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed login attempts
  • Unusual access patterns to camera feeds
  • Device sharing activity from unknown users

Network Indicators:

  • Unencrypted transmission of device credentials
  • Unexpected outbound connections from cameras
  • Traffic to camera on non-standard ports

SIEM Query:

source="camera_logs" AND (event="share_device" OR event="credential_transmission")

📊 Metadata

CVE ID: CVE-2023-33741
CVSS v3 Score: 7.5 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE: CWE-203
Published: May 30, 2023
Last Updated: January 13, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-33741, you might also want to check these:

CVE-2024-23771 9.8

This vulnerability in darkhttpd allows remote attackers to bypass authentication via timing side-cha...

Same vulnerability type (CWE-203)
CVE-2019-25337 9.8

CVE-2019-25337 is a username enumeration vulnerability in ownCloud that allows remote attackers to d...

Same vulnerability type (CWE-203)
CVE-2024-25714 9.8

CVE-2024-25714 is a critical timing side-channel vulnerability in Rhonabwy's HMAC signature verifica...

Same vulnerability type (CWE-203)