Vulnerability Database

310,450

Total vulnerabilities in the database

CVE-2021-4469

Denver SHO-110 IP cameras expose a secondary HTTP service on TCP port 8001 that provides access to a '/snapshot' endpoint without authentication. While the primary web interface on port 80 enforces authentication, the backdoor service allows any remote attacker to retrieve image snapshots by directly requesting the 'snapshot' endpoint. An attacker can repeatedly collect snapshots and reconstruct the camera stream, compromising the confidentiality of the monitored environment.

Published: Nov 14, 2025
Updated: Nov 16, 2025
CVE: CVE-2021-4469
Exploit:

No technical information available.

CWEs:

CWE-306
CWE-1242

Affected Software
References

No affected software listed.

http://old.denver.eu/products/smart-home-security/denver-sho-110/c-1024/c-1243/p-3826
https://www.exploit-db.com/exploits/50162
https://www.vulncheck.com/advisories/denver-sho-110-ip-camera-unauthenticated-snapshot-access

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo