CVE-2026-5386
CriticalCVSS 9.1Exploitation Probability (EPSS)
Low risk43th percentile — higher than 43% of all known CVEs
Summary
The affected KMW CCTV Security Cameras are vulnerable to a critical unauthenticated password reset. This flaw allows an attacker to remotely reset the administrator password to a known value without authentication, granting full access to the camera feeds and settings.
Risk Assessment
This vulnerability poses a serious risk to organizations as it allows unauthorized access to surveillance systems. It could lead to a loss of data confidentiality and privacy breaches.
Recommendation
It is recommended to immediately update the camera firmware and implement strong authentication mechanisms. Additionally, monitoring access to the systems is advised to detect potential attack attempts.
Original NVD description (English source)
The affected KMW CCTV Security Cameras are vulnerable to a critical unauthenticated password reset. This flaw allows an attacker to remotely reset the administrator password to a known value without authentication, granting full access to the camera feeds and settings.

