CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2025/12/26 4:12 a.m.•3 views

CVE-2025-52599 Inadequate account permissions management

6.3CVSS6.5AI score0.00212EPSS

Cvelist•added 2025/12/26 4:12 a.m.•23 views

CVE-2025-52599 Inadequate account permissions management

6.3CVSS0.00212EPSS

CVE•added 2025/12/26 4:7 a.m.•23 views

CVE-2025-52598

CVE-2025-52601 involves Hanwha Vision cameras where the Device Manager contains a hard-coded cryptographic key used for sensitive data. This design flaw enables an attacker to decrypt protected information. The Tenable/ Nessus entries summarize the issue and note that the manufacturer has release...

6.3CVSS6.1AI score0.00173EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/12/26 4:7 a.m.•25 views

CVE-2025-52598 Insufficient certificate validation

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has found a flaw that camera's client service does not perform certificate validation. The manufacturer has released patch firmware for the flaw, please refer to the...

6.3CVSS0.00173EPSS

EUVD•added 2025/12/26 4:7 a.m.•2 views

EUVD-2025-205423

6.3CVSS6AI score0.00173EPSS

Vulnrichment•added 2025/12/26 4:7 a.m.•3 views

CVE-2025-52598 Insufficient certificate validation

6.3CVSS6.5AI score0.00173EPSS

CNNVD•added 2025/12/26 12:0 a.m.•3 views

Hanwha Vision Camera 安全漏洞

Hanwha Vision Camera is a series of cameras from Hanwha Vision, a South Korean company. A security vulnerability exists in Hanwha Vision Camera that stems from insufficient management of camera guest account privileges...

6.5CVSS6.5AI score0.00212EPSS

CNNVD•added 2025/12/26 12:0 a.m.•4 views

Hanwha Vision Camera 安全漏洞

Hanwha Vision Camera is a series of cameras from Hanwha Vision, a South Korean company. A security vulnerability exists in Hanwha Vision Camera that stems from improper input validation in the camera's video analytics, which could lead to an attacker executing specific commands on the user's host...

7.2CVSS6.4AI score0.00369EPSS

CNNVD•added 2025/12/26 12:0 a.m.•4 views

Hanwha Vision Camera 安全漏洞

Hanwha Vision Camera is a series of cameras from Hanwha Vision, a South Korean company. A security vulnerability exists in Hanwha Vision Camera that stems from the camera client service not performing certificate validation...

6.3CVSS6.4AI score0.00173EPSS

Positive Technologies•added 2025/12/26 12:0 a.m.•3 views

PT-2025-53444

Name of the Vulnerable Software and Affected Versions Nozomi Networks affected versions not specified Description The camera client service does not perform certificate validation. This could allow for potential security risks. Recommendations Apply the patch firmware released by the manufacturer...

6.3CVSS6.6AI score0.00173EPSS

Exploits0References5

Positive Technologies•added 2025/12/26 12:0 a.m.•5 views

PT-2025-53623

🚨 CVE-2025-52598 Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has found a flaw that camera's client service does not perform certificate validation. The manufacturer has released patch firmware for the flaw, plea...

6.3CVSS6.8AI score0.00173EPSS

Exploits0References5

Positive Technologies•added 2025/12/26 12:0 a.m.•4 views

PT-2025-53446

Name of the Vulnerable Software and Affected Versions Camera Video Analytics Software affected versions not specified Description A flaw exists in camera video analytics software related to improper input validation. This could allow an attacker to execute commands on a user’s host PC...

5.2CVSS6.7AI score0.00369EPSS

Exploits0References6

NVD•added 2025/12/24 8:15 p.m.•21 views

CVE-2019-25246

Beward N100 H.264 VGA IP Camera M2.1.6 contains an authenticated file disclosure vulnerability that allows attackers to read arbitrary system files via the 'READ.filePath' parameter. Attackers can exploit the fileread script or SendCGICMD API to access sensitive files like /etc/passwd and...

8.8CVSS0.17393EPSS

NVD•added 2025/12/24 8:15 p.m.•6 views

CVE-2019-25247

Beward N100 H.264 VGA IP Camera M2.1.6 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft a malicious web page with a hidden form to add an admin user by tricking a logged-in user into...

5.3CVSS0.00138EPSS

OSV•added 2025/12/24 8:15 p.m.•4 views

CVE-2018-25138

FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be changed through normal camera operations. Attackers can exploit these persistent credentials to gain unauthorized shell access and login to multiple camera interfaces using predefined username and...

9.8CVSS5.8AI score0.00523EPSS

Exploits2References3

NVD•added 2025/12/24 8:15 p.m.•6 views

CVE-2018-25138

9.8CVSS0.00523EPSS

Exploits2References3

NVD•added 2025/12/24 8:15 p.m.•7 views

CVE-2018-25139

FLIR AX8 Thermal Camera 1.32.16 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly connect to the RTSP stream using tools like VLC or FFmpeg to view and record thermal camera footage...

8.7CVSS0.00447EPSS

Exploits2References3

CVE•added 2025/12/24 7:28 p.m.•13 views

CVE-2019-25246

CVE-2019-25246 affects Beward N100 H.264 VGA IP Camera version M2.1.6. The issue is an authenticated file disclosure via the READ.filePath parameter, enabling access to arbitrary system files (e.g., /etc/passwd, /etc/issue) through the fileread script or SendCGICMD API. The vulnerability is explo...

8.8CVSS6.2AI score0.17393EPSS

Cvelist•added 2025/12/24 7:28 p.m.•24 views

CVE-2019-25247 Beward N100 H.264 VGA IP Camera M2.1.6 CSRF Add Admin Vulnerability

5.3CVSS0.00138EPSS