CVE-2024-31800

6.8 MEDIUM

📋 TL;DR

This vulnerability allows attackers with physical access to GNCC's GC2 Indoor Security Camera 1080P to bypass authentication and gain privileged command shell access via the UART debugging port. This affects users of this specific camera model who have not disabled or secured the debugging interface. Physical access to the device is required for exploitation.

💻 Affected Systems

Products:
  • GNCC GC2 Indoor Security Camera 1080P
Versions: All versions with exposed UART debugging port
Operating Systems: Embedded Linux firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects devices where the UART debugging port is physically accessible and not disabled in firmware.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attacker gains full administrative control of the camera, can disable security features, access video feeds, modify firmware, or use the device as a network pivot point.

🟠 Likely Case

Attacker with brief physical access extracts credentials, disables camera functionality, or installs persistent backdoor.

🟢 If Mitigated

With proper physical security controls, the vulnerability cannot be exploited as physical access is prevented.

🌐 Internet-Facing: LOW - Exploitation requires physical access to the device, not network access.
🏢 Internal Only: MEDIUM - Physical access within secured premises could allow exploitation if devices are not physically secured.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires physical access and basic hardware tools to connect to UART pins. No authentication needed once physical connection is established.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Contact vendor GNCC for firmware updates or hardware revision information.

🔧 Temporary Workarounds

Disable UART Debug Port

Physically disable or obscure the UART debugging port on the device

Apply Epoxy to UART Pins

Use non-conductive epoxy to cover UART contact points to prevent physical connection

🧯 If You Can't Patch

  • Implement strict physical security controls to prevent unauthorized access to devices
  • Deploy cameras in tamper-evident enclosures or secure locations

🔍 How to Verify

Check if Vulnerable:

Physically inspect device for exposed UART pins or test with UART-to-USB adapter to check for accessible shell

Check Version:

No version-specific command; vulnerability exists in all versions with exposed UART

Verify Fix Applied:

Verify that the UART port is physically inaccessible, or that a test connection attempt fails

📡 Detection & Monitoring

Log Indicators:

  • Unexpected device reboots
  • Firmware version changes
  • Authentication failures

Network Indicators:

  • Unusual outbound connections from camera
  • Changes to camera network configuration

SIEM Query:

Device:vendor="GNCC" AND (event:reboot OR event:config_change)
