14 matches found
EUVD-2025-18957
Malicious code in bioql PyPI...
CVE-2025-6525
A vulnerability classified as problematic was found in 70mai 1S up to 20250611. This vulnerability affects unknown code of the file /cgi-bin/Config.cgi?action=set of the component Configuration Handler. The manipulation leads to improper authorization. The attack needs to be approached within the...
CVE-2025-6524
A vulnerability classified as problematic has been found in 70mai 1S up to 20250611. This affects an unknown part of the component Video Services. The manipulation leads to improper authentication. Access to the local network is required for this attack to succeed. The complexity of an attack is...
CVE-2025-6525
A vulnerability classified as problematic was found in 70mai 1S up to 20250611. This vulnerability affects unknown code of the file /cgi-bin/Config.cgi?action=set of the component Configuration Handler. The manipulation leads to improper authorization. The attack needs to be approached within the...
CVE-2025-6525 70mai 1S Configuration Config.cgi improper authorization
A vulnerability classified as problematic was found in 70mai 1S up to 20250611. This vulnerability affects unknown code of the file /cgi-bin/Config.cgi?action=set of the component Configuration Handler. The manipulation leads to improper authorization. The attack needs to be approached within the...
CVE-2025-6525 70mai 1S Configuration Config.cgi improper authorization
A vulnerability classified as problematic was found in 70mai 1S up to 20250611. This vulnerability affects unknown code of the file /cgi-bin/Config.cgi?action=set of the component Configuration Handler. The manipulation leads to improper authorization. The attack needs to be approached within the...
CVE-2025-6525
CVE-2025-6525 affects 70mai 1S up to 20250611 with improper authorization in the Configuration Handler via /cgi-bin/Config.cgi?action=set. Exploitation requires local-network access; multiple feeds indicate publicly disclosed exploit and lack of vendor response. Impact is described as unauthorize...
CVE-2025-6524
A vulnerability classified as problematic has been found in 70mai 1S up to 20250611. This affects an unknown part of the component Video Services. The manipulation leads to improper authentication. Access to the local network is required for this attack to succeed. The complexity of an attack is...
CVE-2025-6524 70mai 1S Video Services improper authentication
A vulnerability classified as problematic has been found in 70mai 1S up to 20250611. This affects an unknown part of the component Video Services. The manipulation leads to improper authentication. Access to the local network is required for this attack to succeed. The complexity of an attack is...
CVE-2025-6524 70mai 1S Video Services improper authentication
A vulnerability classified as problematic has been found in 70mai 1S up to 20250611. This affects an unknown part of the component Video Services. The manipulation leads to improper authentication. Access to the local network is required for this attack to succeed. The complexity of an attack is...
CVE-2025-6524
The CVE-2025-6524 entry concerns 70mai 1S devices (up to 20250611) with a vulnerability in the Video Services component. The issue is described as an improper authentication flaw that requires access to the local network, with attack complexity rated as HIGH. Public disclosure of the exploit is n...
70mai 1S 安全漏洞
70mai 1S is a smart recorder from 70mai 70mai, a Chinese company. A security vulnerability exists in 70mai 1S 20250611 and earlier versions, which stems from improper authorization due to misuse of the file /cgi-bin/Config.cgi?action=set...
70mai 1S 授权问题漏洞
70mai 1S is a smart recorder from 70mai 70mai, a Chinese company. An authorization issue vulnerability exists in 70mai 1S 20250611 and prior versions, which stems from improper authentication...
PT-2025-26648 · 70Mai · 70Mai 1S
Name of the Vulnerable Software and Affected Versions: 70mai 1S up to 20250611 Description: A problematic issue was found in the Configuration Handler component, affecting the /cgi-bin/Config.cgi?action=set file. This leads to improper authorization. The attack must be launched within the local...