📄 GALAYOU G2 IP Camera Authentication Bypass

A critical authentication bypass vulnerability exists in the RTSP service of the GALAYOU G2 IP camera. The device exposes multiple RTSP stream endpoints that can be accessed without valid credentials, even when authentication is enabled...

CVE-2025-65817

LSC Smart Connect Indoor IP Camera 1.4.13 contains a RCE vulnerability in startapp.sh...

CVE-2025-65817

LSC Smart Connect Indoor IP Camera 1.4.13 contains a RCE vulnerability in startapp.sh...

CVE-2025-65817

CVE-2025-65817 : The LSC Smart Connect Indoor IP Camera (v1.4.13) exposes a remote code execution vulnerability in the start_app.sh script. CVSS v3.1 base score 8.8 (High) with adjacent attack vector, no privileges required, no user interaction, and impacts on confidentiality, integrity, and avai...

CVE-2025-65817

LSC Smart Connect Indoor IP Camera 1.4.13 contains a RCE vulnerability in startapp.sh...

CVE-2025-65857

An issue was discovered in Xiongmai XM530 IP cameras on firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06. The GetStreamUri exposes RTSP URIs containing hardcoded credentials enabling direct unauthorized video stream access...

LSC Smart Connect Indoor IP Camera 安全漏洞

LSC Smart Connect Indoor IP Camera is an indoor IP camera driver from LSC Smart Connect. A security vulnerability exists in LSC Smart Connect Indoor IP Camera version 1.4.13, which stems from a remote code execution vulnerability in startapp.sh...

PT-2025-52682

Name of the Vulnerable Software and Affected Versions LSC Smart Connect Indoor IP Camera version 1.4.13 Description The LSC Smart Connect Indoor IP Camera version 1.4.13 contains a remote code execution issue in the start app.sh script. Recommendations At the moment, there is no information about...

PT-2025-52721

Name of the Vulnerable Software and Affected Versions Xiongmai XM530 IP cameras version V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06 Description The GetStreamUri function exposes RTSP URIs that include hardcoded credentials, allowing unauthorized access to direct video streams. The affected devi...

Xiongmai XM530 安全漏洞

Xiongmai XM530 is a video surveillance camera from the Chinese company Xiongmai. A security vulnerability exists in the Xiongmai XM530 IP cameras Firmware version V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06, which stems from an authentication bypass, and could lead to unauthorized, remote...

CVE-2025-14299

The HTTPS server on Tapo C200 V3 does not properly validate the Content-Length header, which can lead to an integer overflow. An unauthenticated attacker on the same local network segment can send crafted HTTPS requests to trigger excessive memory allocation, causing the device to crash and...

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-352-01 Inductive Automation Ignition ICSA-25-352-02 Schneider Electric EcoStruxure Foxboro DCS Advisor...

Axis Communications Camera Station Pro, Camera Station, and Device Manager (Update B)

RISK EVALUATION Successful exploitation of these vulnerabilities could result in an attacker executing arbitrary code, executing a man-in-middle style attack, or bypass authentication. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

CVE-2025-47387

CVE-2025-47387 relates to memory corruption when processing unverified JPEG IOCTL data in Qualcomm embedded platform firmware. The issue affects the IOCTL path handling JPEG data, caused by unverified input leading to memory corruption with potential for impact on confidentiality, integrity, and ...

CVE-2025-47387 Untrusted Pointer Dereference in Camera

Memory Corruption when processing IOCTLs for JPEG data without verification...

CVE-2025-47387 Untrusted Pointer Dereference in Camera

Memory Corruption when processing IOCTLs for JPEG data without verification...

Ningyuanda TC155 访问控制错误漏洞

The Ningyuanda TC155 is an IP camera from the Chinese company Ningyuanda. An access control error vulnerability exists in the Ningyuanda TC155 version 57.0.2.0, which stems from improper access control of the ONVIF PTZ control interface component, which could lead to unauthorized access...

Allsky Camera 安全漏洞

Allsky Camera is an Allsky open source camera system for photographing and monitoring the entire sky. A security vulnerability exists in Allsky Camera version v2024.12.0606, which originates from path traversal and could lead to arbitrary command execution...

Ningyuanda TC155 访问控制错误漏洞

The Ningyuanda TC155 is an IP camera from the Chinese company Ningyuanda. An access control error vulnerability exists in the Ningyuanda TC155 version 57.0.2.0, which stems from improper access control of the ONVIF Device Management Service component, which could lead to unauthorized access...

Ningyuanda TC155 安全漏洞

Ningyuanda TC155 is an IP camera from the Chinese company Ningyuanda. A security vulnerability exists in Ningyuanda TC155 version 57.0.2.0, which originates from improper operation of the RTSP service component and may result in a denial of service...