Brickcom多款产品 访问控制错误漏洞

Brickcom Cube, among others, are products of the Brickcom company. The Brickcom Cube is a series of indoor network surveillance cameras. The Brickcom Dome is a series of hemispherical network surveillance cameras. The Brickcom Bullet is a series of gun-type network surveillance cameras. Several o...

VulnCheck KEV: CVE-2020-11625

An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. Failed web UI login attempts elicit different responses depending on whether a user account exists. Because the responses indicate...

Design/Logic Flaw

An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. An attacker with physical access to the UART interface could access additional diagnostic and configuration functionalities as well as t...

CVE-2020-11625

CVE-2020-11625 affects AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. The issue arises from ISAPI/Security/sessionLogin/capabilities responses that reveal whether a submitted username exists: a valid username r...

CVE-2020-11624

Technical details about CVE-2020-11624 are not publicly provided in the supplied documents. Monitor for updates and advisories for AvertX cameras (HD838/HD438) to obtain concrete impact and remediation information.

CVE-2019-7315

CVE-2019-7315 affects Genie Access WIP3BVAF WISH IP 3MP IR Auto Focus Bullet Camera devices running 3.x. The connected Nuclei template documents a Local File Inclusion (LFI) vulnerability exposed via the web interface, enabling an attacker to read sensitive files (demonstrated with /etc/shadow). ...