Lucene search
K

138 matches found

Prion
Prion
added 2020/10/06 2:15 p.m.16 views

Hardcoded credentials

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. When the administrator configures a secret URL for RTSP streaming, the stream is still available via its default name such as /0. Unauthenticated attackers can view video streams that are meant to b...

5CVSS7.8AI score0.02087EPSS
Exploits1References2
CVE
CVE
added 2020/10/06 1:16 p.m.74 views

CVE-2020-24219

CVE-2020-24219 affects URayTech IPTV/H.264/H.265 video encoders (up to v1.97). The vulnerability is a path traversal/pattern-matching flaw in unauthenticated HTTP handling that allows an attacker to read files from the device, including the configuration file containing the cleartext admin passwo...

7.8CVSS7.6AI score0.22966EPSS
In wildExploits3References3Affected Software1
Cvelist
Cvelist
added 2020/10/06 1:16 p.m.16 views

CVE-2020-24219

An issue was discovered on URayTech IPTV/H.264/H.265 video encoders through 1.97. Attackers can send crafted unauthenticated HTTP requests to exploit path traversal and pattern-matching programming flaws, and retrieve any file from the device's file system, including the configuration file with t...

7.7AI score0.22966EPSS
Exploits3References3
NVD
NVD
added 2020/10/06 1:15 p.m.20 views

CVE-2020-24215

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can use hard-coded credentials in HTTP requests to perform any administrative task on the device including retrieving the device's configuration with the cleartext admin password, and...

9.8CVSS0.18989EPSS
Exploits3References3
NVD
NVD
added 2020/10/06 1:15 p.m.13 views

CVE-2020-24214

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can send a crafted unauthenticated RTSP request to cause a buffer overflow and application crash. The device will not be able to perform its main purpose of video encoding and streaming fo...

9.8CVSS0.35393EPSS
Exploits4References3
Prion
Prion
added 2020/10/06 1:15 p.m.14 views

Design/Logic Flaw

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can send a crafted unauthenticated RTSP request to cause a buffer overflow and application crash. The device will not be able to perform its main purpose of video encoding and streaming fo...

7.5CVSS9.5AI score0.35393EPSS
Exploits4References3
CVE
CVE
added 2020/10/06 1:10 p.m.45 views

CVE-2020-24218

CVE-2020-24218 affects URayTech IPTV/H.264/H.265 video encoders (up to version 1.97). The issue allows an unauthenticated remote attacker to log in as root using a hard-coded password embedded in the executable, effectively granting full control over the device. Documents indicate this involves d...

9.8CVSS9.5AI score0.01935EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/10/06 1:10 p.m.15 views

CVE-2020-24218

An issue was discovered on URayTech IPTV/H.264/H.265 video encoders through 1.97. Attackers can log in as root via the password that is hard-coded in the executable file...

9.6AI score0.01935EPSS
Exploits1References2
CVE
CVE
added 2020/10/06 1:5 p.m.108 views

CVE-2020-24217

HiSilicon IPTV/H.264/H.265 video encoder devices are affected by CVE-2020-24217 due to an unauthenticated file-upload endpoint that can upload a custom firmware component, potentially coupled with command injection, to achieve arbitrary code execution. The connected sources (exploit-DB entries, C...

9.8CVSS9.8AI score0.38961EPSS
Exploits5References4Affected Software1
Cvelist
Cvelist
added 2020/10/06 1:5 p.m.25 views

CVE-2020-24217

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. The file-upload endpoint does not enforce authentication. Attackers can send an unauthenticated HTTP request to upload a custom firmware component, possibly in conjunction with command injection, to...

9.9AI score0.38961EPSS
Exploits5References4
CVE
CVE
added 2020/10/06 1:2 p.m.52 views

CVE-2020-24216

The CVE-2020-24216 issue affects HiSilicon-based IPTV/H.264/H.265 video encoders running the box application. When an administrator configures a secret RTSP streaming URL, streams remain reachable via default names (e.g., /0), allowing unauthenticated users to view streams meant to be private. Th...

7.5CVSS7.8AI score0.02087EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/10/06 1:2 p.m.21 views

CVE-2020-24216

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. When the administrator configures a secret URL for RTSP streaming, the stream is still available via its default name such as /0. Unauthenticated attackers can view video streams that are meant to b...

8AI score0.02087EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/10/06 1:0 p.m.22 views

CVE-2020-24215

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can use hard-coded credentials in HTTP requests to perform any administrative task on the device including retrieving the device's configuration with the cleartext admin password, and...

9.8AI score0.18989EPSS
Exploits3References3
CVE
CVE
added 2020/10/06 1:0 p.m.85 views

CVE-2020-24215

CVE-2020-24215 affects HiSilicon-based IPTV/H.264/H.265 video encoders. The issue arises from hard-coded credentials in HTTP requests, enabling an attacker to perform any administrative task, retrieve device configurations (including the cleartext admin password), and upload firmware. This can le...

9.8CVSS9.7AI score0.18989EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2020/10/06 12:58 p.m.30 views

CVE-2020-24214

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can send a crafted unauthenticated RTSP request to cause a buffer overflow and application crash. The device will not be able to perform its main purpose of video encoding and streaming fo...

9.6AI score0.35393EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.12 views

Mitsubishi R16MTCPU PLC Detection

Binary data 751833.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.12 views

Mitsubishi R64MTCPU PLC Detection

Binary data 751843.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.17 views

Mitsubishi R32MTCPU PLC Detection

Binary data 751839.prm...

7.3AI score
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2019/03/28 12:0 a.m.137 views

Security update for ffmpeg-4 (low)

openSUSE Security Update: Security update for ffmpeg-4 Announcement ID: openSUSE-SU-2019:1066-1 Rating: low References: 1092241 1100348 1105869 Cross-References: CVE-2018-13300 CVE-2018-15822 Affected Products: openSUSE Backports SLE-15 An update that solves two vulnerabilities and has one errata...

8.1CVSS8.8AI score0.03266EPSS
Exploits0References3
Kitploit
Kitploit
added 2018/12/25 8:20 p.m.105 views

stoQ - An Open Source Framework For Enterprise Level Automated Analysis

stoQ is a automation framework that helps to simplify the more mundane and repetitive tasks an analyst is required to do. It allows analysts and DevSecOps teams the ability to quickly transition from different data sources, databases, decoders/encoders, and numerous other tasks. stoQ was designed...

7.3AI score
Exploits0References2
Rows per page
Query Builder