Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Ip Camera Firmware Security Vulnerabilities

cve
cve

CVE-2013-1604

Directory traversal vulnerability in MayGion IP Cameras with firmware before 2013.04.22 (05.53) allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI.

6.6AI Score

0.022EPSS

2014-03-25 06:21 PM
24
cve
cve

CVE-2013-1605

Buffer overflow in MayGion IP Cameras with firmware before 2013.04.22 (05.53) allows remote attackers to execute arbitrary code via a long filename in a GET request.

7.9AI Score

0.16EPSS

2014-03-25 06:21 PM
23
cve
cve

CVE-2014-1849

Foscam IP camera 11.37.2.49 and other versions, when using the Foscam DynDNS option, generates credentials based on predictable camera subdomain names, which allows remote attackers to spoof or hijack arbitrary cameras and conduct other attacks by modifying arbitrary camera records in the Foscam DN...

7AI Score

0.133EPSS

2014-05-14 12:55 AM
20
cve
cve

CVE-2017-3223

Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow. Dahua IP camera products include an application known as Sonia (/usr/bin/sonia) that provides the web interface and oth...

9.8CVSS

9.8AI Score

0.012EPSS

2018-07-24 03:29 PM
56
cve
cve

CVE-2017-7253

Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. Use the default low-privilege credentials to list all users via a request to a certain URI. 2. Login to the IP camera with admin credentials so as to obtain full control of the target IP camera. During exploitation, the first...

8.8CVSS

9AI Score

0.001EPSS

2017-03-30 06:59 PM
56
cve
cve

CVE-2018-11653

Information disclosure in Netwave IP camera at //etc/RT2870STA.dat (via HTTP on port 8000) allows an unauthenticated attacker to exfiltrate sensitive information about the network configuration like the network SSID and password.

9.8CVSS

9.1AI Score

0.003EPSS

2018-08-24 09:29 PM
24
cve
cve

CVE-2018-11654

Information disclosure in Netwave IP camera at get_status.cgi (via HTTP on port 8000) allows an unauthenticated attacker to exfiltrate sensitive information from the device.

7.5CVSS

7.7AI Score

0.003EPSS

2018-08-24 09:29 PM
26
cve
cve

CVE-2018-6479

An issue was discovered on Netwave IP Camera devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to the / URI.

7.5CVSS

7.5AI Score

0.001EPSS

2022-10-03 04:21 PM
30
cve
cve

CVE-2022-34138

Insecure direct object references (IDOR) in the web server of Biltema IP and Baby Camera Software v124 allows attackers to access sensitive information.

7.5CVSS

7.4AI Score

0.001EPSS

2023-02-03 03:15 PM
17