CVE-2020-37146
Published: 07 February 2026
Summary
CVE-2020-37146 is a high-severity Missing Authentication for Critical Function (CWE-306) vulnerability affecting an ACE Security product (vendor inferred from references). Its CVSS base score is 8.7 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 33.0th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and AC-3 (Access Enforcement).
Deeper analysis
CVE-2020-37146 is a configuration disclosure vulnerability affecting the ACE Security WiP-90113 HD Camera. The issue allows unauthenticated attackers to retrieve sensitive configuration files by sending a GET request to the /config_backup.bin endpoint, which exposes credentials and system settings. It carries a CVSS score of 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) and is linked to CWE-306: Missing Authentication for Critical Function.
Unauthenticated attackers with network access to the device can exploit this vulnerability with low complexity and no privileges or user interaction required. Exploitation grants high-impact access to confidential data, including the camera's full configuration backup containing credentials and other system settings, potentially enabling further compromise of the device or related networks.
Advisories and related resources include vendor pages from ACE Security at https://acesecurity.jp and https://acesecurity.jp/support/top/wip_series/wip-90113, a VulnCheck advisory at https://www.vulncheck.com/advisories/aptina-ar-p-mp-camera-remote-configuration-disclosure, and a proof-of-concept exploit published on Exploit-DB at https://www.exploit-db.com/exploits/48127. Specific mitigation or patch details are outlined in these references.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2020-31107
Vulnerability details
ACE Security WiP-90113 HD Camera contains a configuration disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration files. Attackers can access the camera's configuration backup by sending a GET request to the /config_backup.bin endpoint, exposing credentials and system settings.
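A detection sketch for the request described above, added here as an example and not taken from the vendor or the referenced advisories. It assumes camera traffic passes through a proxy or gateway that writes Combined Log Format; the function names and sample log lines are constructed for illustration.

```python
import re
from posixpath import normpath
from urllib.parse import unquote, urlsplit

# Assumption: a proxy or gateway in front of the camera logs in Combined Log
# Format; the page does not describe the camera's own logging.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?:\d+|-)')
BACKUP_PATH = "/config_backup.bin"  # endpoint named in the advisory

def canonical_path(target: str) -> str:
    """Reduce a request target to a comparable path."""
    raw = target.split("?", 1)[0]          # drop the query string
    if "://" in raw:                       # absolute-form target (forward proxy)
        raw = urlsplit(raw).path
    path = unquote(raw)                    # decode %xx so /%63onfig... matches
    # Collapse "//", "./" and ".."; lowercasing errs on the side of over-matching.
    return normpath("/" + path.lstrip("/")).lower()

def classify(line: str):
    """Return None for unrelated lines, else a finding with a severity."""
    m = LOG_RE.match(line)
    if not m or canonical_path(m["target"]) != BACKUP_PATH:
        return None
    served = m["status"].startswith("2")
    if served and m["user"] == "-":
        severity = "high"      # backup returned with no authenticated user
    elif served:
        severity = "review"    # authenticated download; confirm it was expected
    else:
        severity = "info"      # request was rejected (e.g. 401/403/404)
    return {"src": m["src"], "ts": m["ts"], "method": m["method"],
            "status": int(m["status"]), "severity": severity}

def scan(lines):
    return [f for f in map(classify, lines) if f]

# Constructed sample lines using documentation address ranges, not real traffic.
SAMPLE = [
    '198.51.100.7 - - [07/Feb/2026:10:01:02 +0000] "GET /config_backup.bin HTTP/1.1" 200 18432 "-" "curl/8.5.0"',
    '198.51.100.7 - - [07/Feb/2026:10:01:05 +0000] "GET /%63onfig_backup.bin?x=1 HTTP/1.1" 401 0 "-" "curl/8.5.0"',
    '192.0.2.10 - admin [07/Feb/2026:10:03:00 +0000] "GET /config_backup.bin HTTP/1.1" 200 18432 "-" "Mozilla/5.0"',
    '192.0.2.10 - admin [07/Feb/2026:10:04:00 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

A "high" finding means the backup, and the credentials it contains, should be treated as disclosed to the source address.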
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Unauthenticated remote retrieval of the configuration file through a public endpoint corresponds to exploitation of the exposed service (T1190) and directly exposes credentials stored in files (T1552.001).
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
Directly prohibits unauthenticated access to critical functions by limiting permitted actions without identification or authentication, such as the /config_backup.bin endpoint.
Enforces approved authorizations to logically prevent unauthorized access to sensitive configuration files exposed by the camera.
Mandates access controls and security measures for publicly accessible system interfaces, mitigating unauthenticated retrieval of configuration backups over the network.