Critical Vulnerability in India-Made CCTV Cameras Exposes Live Feeds, Urgent Patching Required

Critical Vulnerability in CCTV Cameras from India-Based Vendors Exposes Video Feeds and Account Credentials

A significant security flaw has been identified in CCTV cameras manufactured by several India-based companies, potentially allowing unauthorized access to live video feeds and sensitive account information. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert on December 9, 2025, under alert code ICSA-25-343-03, highlighting vulnerabilities in devices from D-Link India Limited, Sparsh Securitech, and Securus CCTV.

Vulnerability Details

The identified vulnerability, classified as missing authentication for a critical function (CWE-306), has been assigned CVE-2025-13607 with a critical Common Vulnerability Scoring System (CVSS) v4 score of 9.3.

– CVE ID: CVE-2025-13607
– CVSS v4 Score: 9.3 (Critical)
– CVSS v3 Score: 9.4 (Critical)
– Vulnerability Type: Missing Authentication for Critical Function
– CWE ID: CWE-306
– Attack Vector: Network (AV:N)

This flaw enables remote attackers to exploit a vulnerable URL endpoint without authentication, granting unauthorized access to sensitive camera configuration data, including administrative account credentials.

The D-Link DCS-F5614-L1 camera model running firmware versions v1.03.038 and earlier is confirmed to be affected. While specific models for Sparsh Securitech and Securus CCTV have not been documented, organizations using cameras from these vendors may face similar risks.

Attack Vector and Risk

The vulnerability poses a critical threat due to its network accessibility and low attack complexity. A malicious actor requires no special privileges or user interaction, making the flaw relatively easy for remote attackers to exploit. Successful exploitation can lead to information disclosure, including the capture of camera account credentials, potentially compromising surveillance infrastructure and enabling unauthorized system access.

D-Link has released a security update for affected devices and published a security advisory. The vendor strongly urges immediate installation of patches and emphasizes validating update success by comparing firmware versions on device interfaces.

For Sparsh Securitech and Securus CCTV users, CISA reports that these vendors did not respond to coordination requests. Organizations should contact vendor support directly to determine which models are affected and obtain remediation guidance.

CISA recommends critical defensive measures, including minimizing network exposure by isolating cameras from internet connectivity, restricting access behind firewalls, and implementing VPN solutions for required remote access. Organizations should perform impact analysis before deploying defensive measures. No active public exploitation has been reported to CISA at this time.
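The firmware check and exposure review described above can be run across a camera inventory. The following is an added example, not code from CISA or any vendor: the CSV column names, status labels and sample rows are constructed, and treating RFC 1918 ranges as "internal" is an assumption.

```python
import csv
import io
import ipaddress

# From the article: D-Link DCS-F5614-L1, firmware v1.03.038 and earlier.
AFFECTED_VENDOR, AFFECTED_MODEL = "d-link", "DCS-F5614-L1"
LAST_AFFECTED = (1, 3, 38)
# Vendors named in the alert with no documented model list.
UNCONFIRMED_VENDORS = {"sparsh securitech", "securus cctv"}
# Assumption: RFC 1918 space is internal; anything else needs an exposure review.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample inventory (addresses, versions and the Sparsh model are made up).
SAMPLE_INVENTORY = """vendor,model,firmware,address
D-Link,DCS-F5614-L1,v1.03.038,192.168.10.21
D-Link,DCS-F5614-L1,V1.03.40,10.0.5.7
D-Link,DCS-F5614-L1,v1.02.9,203.0.113.44
Sparsh Securitech,EXAMPLE-CAM-1,2.1.0,192.168.10.30
D-Link,DCS-F5614-L1,unknown,192.168.10.22
"""

def parse_firmware(text):
    """'v1.03.038' -> (1, 3, 38); None if the string is not dotted numeric."""
    parts = text.strip().lstrip("vV").split(".")
    if not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def classify(row):
    """Return (status, outside_internal_ranges) for one inventory row."""
    vendor, model = row["vendor"].strip().lower(), row["model"].strip().upper()
    version = parse_firmware(row["firmware"])
    if vendor in UNCONFIRMED_VENDORS:
        status = "contact-vendor"          # no model list published
    elif not (vendor.startswith(AFFECTED_VENDOR) and model == AFFECTED_MODEL):
        status = "not-listed"
    elif version is None:
        status = "verify-manually"         # unreadable version: check the device UI
    else:
        status = "affected" if version <= LAST_AFFECTED else "above-affected-range"
    addr = ipaddress.ip_address(row["address"].strip())
    return status, not any(addr in net for net in INTERNAL_NETS)

def triage(csv_text):
    return [(r["address"], *classify(r)) for r in csv.DictReader(io.StringIO(csv_text))]

if __name__ == "__main__":
    for address, status, outside in triage(SAMPLE_INVENTORY):
        print(f"{address:15} {status:22} outside-internal-ranges={outside}")
```

Versions are compared numerically rather than as strings, so `V1.03.40` sorts above `v1.03.038`. A result of "above-affected-range" only means the version is newer than the affected range stated in the article; confirm the fixed release against the vendor advisory.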

Given the severity and ease of exploitation of this flaw, it is imperative that affected CCTV systems are patched and secured immediately to protect businesses and critical infrastructure across India.