15 matches found
CVE-2023-20036
A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. This vulnerability is due to improper input validation when uploading a Device Pack. An...
CVE-2024-12569
Disclosure of sensitive information in a Milestone XProtect Device Pack driver’s log file for third-party cameras, allows an attacker to read camera credentials stored in the Recording Server under specific conditions...
CVE-2024-12569
Disclosure of sensitive information in a Milestone XProtect Device Pack driver’s log file for third-party cameras, allows an attacker to read camera credentials stored in the Recording Server under specific conditions...
PT-2024-17657 · Hikvision +1 · Hikvision Camera Driver +1
Name of the Vulnerable Software and Affected Versions: Milestone XProtect Device Pack affected versions not specified HikVision camera driver in XProtect Device Pack affected versions not specified Description: The issue is related to the disclosure of sensitive information in a log file of the...
CVE-2023-20036
A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. This vulnerability is due to improper input validation when uploading a Device Pack. An...
CVE-2023-20036
A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. This vulnerability is due to improper input validation when uploading a Device Pack. An...
CVE-2023-20036 Cisco Industrial Network Director Command Injection Vulnerability
A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. This vulnerability is due to improper input validation when uploading a Device Pack. An...
CVE-2023-20036 Cisco Industrial Network Director Command Injection Vulnerability
A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. This vulnerability is due to improper input validation when uploading a Device Pack. An...
CVE-2024-3506
A possible buffer overflow in selected cameras' drivers from XProtect Device Pack can allow an attacker with access to internal network to execute commands on Recording Server under strict conditions...
CVE-2024-3506 Camera Driver possible Buffer Overflow
A possible buffer overflow in selected cameras' drivers from XProtect Device Pack can allow an attacker with access to internal network to execute commands on Recording Server under strict conditions...
CVE-2024-3506 Camera Driver possible Buffer Overflow
A possible buffer overflow in selected cameras' drivers from XProtect Device Pack can allow an attacker with access to internal network to execute commands on Recording Server under strict conditions...
CVE-2024-3506
CVE-2024-3506 corresponds to a buffer overflow in Milestone XProtect Device Pack camera drivers (Siveillance Video/XProtect Device Pack). Affected component is the camera driver within the Device Pack, with exploitation requiring access to an internal network and high attack complexity; CVSS show...
Milestone XProtect Device Pack 安全漏洞
Milestone XProtect Device Pack is a driver pack from Milestone. A security vulnerability exists in Milestone XProtect Device Pack version 13.1a and prior versions, which originates from a possible buffer overflow in the camera driver, allowing an attacker with internal network access to execute...
PT-2024-7807 · Milestone Systems · Xprotect Device Pack
Name of the Vulnerable Software and Affected Versions: Siveillance Video formerly Siveillance VMS versions affected versions not specified XProtect Device Pack versions affected versions not specified Description: The issue is related to a buffer overflow vulnerability due to the lack of size...
PT-2023-2386 · Cisco · Cisco Industrial Network Director
Name of the Vulnerable Software and Affected Versions: Cisco Industrial Network Director affected versions not specified Description: The issue exists due to improper input validation when uploading a Device Pack, allowing an authenticated, remote attacker to execute arbitrary commands with...