CVE-2024-58336

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-58336

5.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

A

kuvox Smart Intercom S539 contains an unauthenticated vulnerability that allows remote attackers to access live video streams by requesting the video.cgi endpoint on port 8080. Attackers can retrieve video stream data without authentication by directly accessing the specified endpoint on affected Akuvox doorphone and intercom devices.

References
Link Resource
https://packetstormsecurity.com/files/180262/ Broken Link
https://www.vulncheck.com/advisories/akuvox-smart-intercom-s-unauthenticated-video-stream-disclosure Third Party Advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5826.php Third Party Advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5826.php Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:akuvox:s539_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:s539:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:akuvox:s532_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:s532:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:akuvox:x916_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:x916:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:akuvox:x915_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:x915:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:akuvox:x912_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:x912:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:akuvox:r29_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:r29:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:akuvox:r20k-2_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:r20k-2:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:akuvox:r20a-2_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:r20a-2:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:akuvox:c313w-2_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:c313w-2:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:akuvox:ns-2_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:ns-2:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:akuvox:nc-2_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:nc-2:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:akuvox:nx-2_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:nx-2:-:*:*:*:*:*:*:*
History

16 Jan 2026, 19:16

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 9.8 		v2 : unknown
v3 : 5.3

13 Jan 2026, 21:31

Type Values Removed Values Added
First Time Akuvox r20k-2 Firmware
Akuvox r20k-2
Akuvox x915
Akuvox r29
Akuvox ns-2
Akuvox c313w-2
Akuvox nx-2
Akuvox x915 Firmware
Akuvox s539 Firmware
Akuvox nc-2 Firmware
Akuvox c313w-2 Firmware
Akuvox r29 Firmware
Akuvox r20a-2
Akuvox x916 Firmware
Akuvox x912 Firmware
Akuvox r20a-2 Firmware
Akuvox nc-2
Akuvox s532 Firmware
Akuvox
Akuvox s539
Akuvox nx-2 Firmware
Akuvox s532
Akuvox ns-2 Firmware
Akuvox x916
Akuvox x912
CPE cpe:2.3:h:akuvox:c313w-2:-:*:*:*:*:*:*:*
cpe:2.3:o:akuvox:x912_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:x916:-:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:r29:-:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:ns-2:-:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:x915:-:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:nx-2:-:*:*:*:*:*:*:*
cpe:2.3:o:akuvox:c313w-2_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:o:akuvox:x915_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:o:akuvox:r20a-2_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:o:akuvox:ns-2_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:o:akuvox:s532_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:o:akuvox:x916_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:nc-2:-:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:s532:-:*:*:*:*:*:*:*
cpe:2.3:o:akuvox:r29_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:r20k-2:-:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:x912:-:*:*:*:*:*:*:*
cpe:2.3:o:akuvox:r20k-2_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:r20a-2:-:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:s539:-:*:*:*:*:*:*:*
cpe:2.3:o:akuvox:nx-2_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:o:akuvox:nc-2_firmware:912.30.1.137:*:*:*:*:*:*:*
cpe:2.3:o:akuvox:s539_firmware:912.30.1.137:*:*:*:*:*:*:*
References () https://packetstormsecurity.com/files/180262/ - () https://packetstormsecurity.com/files/180262/ - Broken Link
References () https://www.vulncheck.com/advisories/akuvox-smart-intercom-s-unauthenticated-video-stream-disclosure - () https://www.vulncheck.com/advisories/akuvox-smart-intercom-s-unauthenticated-video-stream-disclosure - Third Party Advisory
References () https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5826.php - () https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5826.php - Third Party Advisory

02 Jan 2026, 15:15

Type Values Removed Values Added
References () https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5826.php - () https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5826.php -

30 Dec 2025, 23:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-12-30 23:15

Updated : 2026-01-16 19:16

NVD link : CVE-2024-58336

Mitre link : CVE-2024-58336

CVE.ORG link : CVE-2024-58336

JSON object : View

Products Affected

akuvox

CWE
CWE-306

Missing Authentication for Critical Function