VulnCheck KEV: CVE-2023-6895

A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.320201113RELEASEHIK. It has been declared as critical. This vulnerability affects unknown code of the file /php/ping.php. The manipulation of the argument jsondataip with the input netstat -ano leads to os command injection...

Zenitel TCIS-3+ 安全漏洞

Zenitel TCIS-3+ is an IP intercom terminal produced by the Norwegian company Zenitel. There is a security vulnerability in Zenitel TCIS-3+, which allows authenticated attackers to execute arbitrary commands on the underlying system using the file names uploaded by them...

EUVD-2024-55372

Akuvox Smart Intercom S539 contains an unauthenticated vulnerability that allows remote attackers to access live video streams by requesting the video.cgi endpoint on port 8080. Attackers can retrieve video stream data without authentication by directly accessing the specified endpoint on affecte...

CVE-2024-58337

Akuvox Smart Intercom S539 contains an improper access control vulnerability that allows users with 'User' privileges to modify API access settings and configurations. Attackers can exploit this vulnerability to escalate privileges and gain unauthorized access to administrative functionalities...

CVE-2024-58336

Akuvox Smart Intercom S539 contains an unauthenticated vulnerability that allows remote attackers to access live video streams by requesting the video.cgi endpoint on port 8080. Attackers can retrieve video stream data without authentication by directly accessing the specified endpoint on affecte...

CVE-2024-58337 Akuvox Smart Intercom S539 Improper Access Control via ServicesHTTPAPI

Akuvox Smart Intercom S539 contains an improper access control vulnerability that allows users with 'User' privileges to modify API access settings and configurations. Attackers can exploit this vulnerability to escalate privileges and gain unauthorized access to administrative functionalities...

CVE-2024-58336

CVE-2024-58336 affects Akuvox Smart Intercom S539. The vulnerability enables unauthenticated remote access to live video streams by calling the video.cgi endpoint on port 8080, exposing confidentiality as described in multiple sources. Impact is the exposure of video data without authentication; ...

PT-2025-54256

Name of the Vulnerable Software and Affected Versions Akuvox Smart Intercom S539 affected versions not specified Description A flaw exists in Akuvox Smart Intercom S539 that permits remote attackers to gain access to live video streams without authentication. This is achieved by requesting the...

CVE-2018-25130

Beward Intercom 2.3.1 contains a credentials disclosure vulnerability that allows local attackers to access plain-text authentication credentials stored in an unencrypted database file. Attackers can read the BEWARD.INTERCOM.FDB file to extract usernames and passwords, enabling unauthorized acces...

CVE-2018-25130

Beward Intercom 2.3.1 contains a local credential-disclosure vulnerability: usernames and passwords stored in plaintext in BEWARD.INTERCOM.FDB can be read by a local attacker, enabling unauthorized access to IP cameras and door stations. Root cause: credentials stored in an unencrypted database f...

CVE-2018-25130 Beward Intercom 2.3.1 Local Credentials Disclosure via Unencrypted Database

Beward Intercom 2.3.1 contains a credentials disclosure vulnerability that allows local attackers to access plain-text authentication credentials stored in an unencrypted database file. Attackers can read the BEWARD.INTERCOM.FDB file to extract usernames and passwords, enabling unauthorized acces...

CVE-2018-25130 Beward Intercom 2.3.1 Local Credentials Disclosure via Unencrypted Database

Beward Intercom 2.3.1 contains a credentials disclosure vulnerability that allows local attackers to access plain-text authentication credentials stored in an unencrypted database file. Attackers can read the BEWARD.INTERCOM.FDB file to extract usernames and passwords, enabling unauthorized acces...

Beward Intercom 安全漏洞

Beward Intercom is an IP video intercom system from the Russian company Beward. A security vulnerability exists in Beward Intercom version 2.3.1, which stems from credentials being stored in plaintext in an unencrypted file, which could lead to credential disclosure...

PT-2025-53351

Name of the Vulnerable Software and Affected Versions Beward Intercom version 2.3.1 Description A security issue exists in Beward Intercom 2.3.1 that allows local attackers to access plain-text authentication credentials. The credentials are stored in an unencrypted database file, specifically th...

Zenitel TCIV-3+ 操作系统命令注入漏洞

The Zenitel TCIV-3+ is an IP intercom terminal from Zenitel Norway. An operating system command injection vulnerability exists in the Zenitel TCIV-3+ prior to version 9.3.3.0, which stems from improper input validation and could allow an unauthenticated attacker to inject arbitrary commands...

Zenitel TCIV-3+ 跨站脚本漏洞

Zenitel TCIV-3+ is an IP intercom terminal from Zenitel Norway. The Zenitel TCIV-3+ suffers from a cross-site scripting vulnerability that stems from reflective cross-site scripting, which could lead to a remote attacker executing arbitrary JavaScript in the victim's browser...

EUVD-2025-199446

Malicious code in @posthog/intercom-plugin npm...

MAL-2025-191293 Malicious code in @posthog/intercom-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12c972a0fa0f1cf26c3a80f626651c44d7d2b9021694b8e4f965ff35b56b0429 The package @posthog/intercom-plugin was found to contain malicious code. Source: google-open-source-security...

Malicious code in @posthog/intercom-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12c972a0fa0f1cf26c3a80f626651c44d7d2b9021694b8e4f965ff35b56b0429 The package @posthog/intercom-plugin was found to contain malicious code. Source: google-open-source-security...

Intercom MaLion Security Point 安全漏洞

Intercom MaLion Security Point is an asset management and information leakage prevention software from Intercom Japan. A security vulnerability exists in Intercom MaLion Security Point that stems from a heap buffer overflow when handling Content-Length, which could lead to the execution of...