Lucene search
K

27 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-17803

Malware in sbrugna...

9.8CVSS9.5AI score0.01525EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-17806

Malware in sbrugna...

10CVSS9.5AI score0.02331EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-17802

Malware in sbrugna...

6.5CVSS7AI score0.00866EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-17804

Malware in sbrugna...

10CVSS9.5AI score0.01483EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2018/02/16 12:0 a.m.6 views

The vulnerability of the microprogrammed software of the Cohu 3960HD IP camera allows a intruder to execute arbitrary code.

The vulnerability of the Microprogrammed IP Camera Cohu 3960HD is related to the implementation of security functions at the client side. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure by manipulating camera parameters remotely...

10CVSS5.9AI score0.02331EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2018/02/16 12:0 a.m.5 views

The vulnerability of the webupgrade function in the microprogrammed IP camera software of Cohu 3960HD allows a intruder to execute code with root privileges.

The vulnerability of the webupgrade function in the microprogrammed IP camera system Cohu 3960HD relates to the unlimited loading of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code with root privileges by loading a specially crafted archive...

10CVSS6AI score0.01483EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2017/11/24 12:0 a.m.64 views

Cohu 3960HD Multiple Vulnerabilities

Cohu 3960HD Series IP cameras are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

10CVSS8.2AI score0.02331EPSS
Exploits0References1
NVD
NVD
added 2017/11/22 8:29 a.m.14 views

CVE-2017-8862

The webupgrade function on the Cohu 3960HD does not verify the firmware upgrade files or process, allowing an attacker to upload a specially crafted postinstall.sh file that will be executed with "root" privileges...

10CVSS9.4AI score0.01483EPSS
Exploits0References1
Prion
Prion
added 2017/11/22 8:29 a.m.14 views

Design/Logic Flaw

The webupgrade function on the Cohu 3960HD does not verify the firmware upgrade files or process, allowing an attacker to upload a specially crafted postinstall.sh file that will be executed with "root" privileges...

10CVSS9.3AI score0.01483EPSS
Exploits0References1
NVD
NVD
added 2017/11/22 8:29 a.m.15 views

CVE-2017-8864

Client-side enforcement using JavaScript of server-side security options on the Cohu 3960HD allows an attacker to manipulate options sent to the camera and cause malfunction or code execution, as demonstrated by a client-side "if !passwordsAreEqual" test...

10CVSS9.5AI score0.02331EPSS
Exploits0References1
NVD
NVD
added 2017/11/22 8:29 a.m.19 views

CVE-2017-8861

Missing authentication for the remote configuration port 1236/tcp on the Cohu 3960HD allows an attacker to change configuration parameters such as IP address and username/password via specially crafted XML SOAP packets...

9.8CVSS9.6AI score0.01525EPSS
Exploits0References1
Prion
Prion
added 2017/11/22 8:29 a.m.15 views

Authentication flaw

Missing authentication for the remote configuration port 1236/tcp on the Cohu 3960HD allows an attacker to change configuration parameters such as IP address and username/password via specially crafted XML SOAP packets...

7.5CVSS9.5AI score0.01525EPSS
Exploits0References1
Prion
Prion
added 2017/11/22 8:29 a.m.18 views

Code injection

Client-side enforcement using JavaScript of server-side security options on the Cohu 3960HD allows an attacker to manipulate options sent to the camera and cause malfunction or code execution, as demonstrated by a client-side "if !passwordsAreEqual" test...

10CVSS9.4AI score0.02331EPSS
Exploits0References1
Prion
Prion
added 2017/11/22 8:29 a.m.13 views

Information disclosure

Information disclosure through directory listing on the Cohu 3960HD allows an attacker to view and download source code, log files, and other sensitive device information via a specially crafted web request with an extra / character, such as a "GET // HTTP/1.1" request...

5CVSS6.2AI score0.00866EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/11/22 8:0 a.m.16 views

CVE-2017-8861

Missing authentication for the remote configuration port 1236/tcp on the Cohu 3960HD allows an attacker to change configuration parameters such as IP address and username/password via specially crafted XML SOAP packets...

9.7AI score0.01525EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/11/22 8:0 a.m.18 views

CVE-2017-8862

The webupgrade function on the Cohu 3960HD does not verify the firmware upgrade files or process, allowing an attacker to upload a specially crafted postinstall.sh file that will be executed with "root" privileges...

9.5AI score0.01483EPSS
Exploits0References1
CVE
CVE
added 2017/11/22 8:0 a.m.47 views

CVE-2017-8860

CVE-2017-8860 affects the Cohu 3960HD IP camera series. The issue is information disclosure caused by an information-leaking directory listing vulnerability that can be triggered by a crafted HTTP request containing an extra slash (for example, a GET // HTTP/1.1). Successful exploitation allows a...

6.5CVSS6.7AI score0.00866EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/11/22 8:0 a.m.49 views

CVE-2017-8864

CVE-2017-8864 affects the Cohu 3960HD IP camera series. The vulnerability arises from client-side enforcement (JavaScript) of server-side security options, allowing an attacker to manipulate options sent to the camera and potentially cause malfunction or code execution, as demonstrated by a clien...

10CVSS9.4AI score0.02331EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/11/22 8:0 a.m.50 views

CVE-2017-8862

CVE-2017-8862 concerns the Cohu 3960HD IP camera family. The webupgrade function does not verify firmware upgrade files or processes, enabling an attacker to upload a crafted postinstall.sh that is executed with root privileges. Documented sources (NVD/NVD listing) describe a high-severity impact...

10CVSS9.4AI score0.01483EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/11/22 8:0 a.m.20 views

CVE-2017-8864

Client-side enforcement using JavaScript of server-side security options on the Cohu 3960HD allows an attacker to manipulate options sent to the camera and cause malfunction or code execution, as demonstrated by a client-side "if !passwordsAreEqual" test...

9.6AI score0.02331EPSS
Exploits0References1
Rows per page
Query Builder