CVEs-PoC/2021/CVE-2021-21736.md

### [CVE-2021-21736](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21736)
![](https://img.shields.io/static/v1?label=Product&message=ZXHN%20HS562&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=V1.0.0.0B2.0000%2C%20V1.0.0.0B3.0000%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=information%20leak&color=brightgreen)

### Description

A smart camera product of ZTE is impacted by a permission and access control vulnerability. Due to the defect of user permission management by the cloud-end app, users whose sharing permissions have been revoked can still control the camera, such as restarting the camera, restoring factory settings, etc.. This affects ZXHN HS562 V1.0.0.0B2.0000, V1.0.0.0B3.0000E

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/n0-traces/cve_monitor