57 matches found
CVE-2017-20213
CVE-2017-20213 affects FLIR Thermal Camera F/FC/PT/D Stream firmware 8.0.0.64. The Red Hat/NVD entries describe an unauthenticated vulnerability that lets remote attackers access live camera streams without credentials, exposing video feeds across multiple camera series. The available documents d...
CVE-2017-20213 FLIR Thermal Camera F/FC/PT/D Stream 8.0.0.64 Unauthenticated Stream Disclosure
FLIR Thermal Camera F/FC/PT/D Stream firmware version 8.0.0.64 contains an unauthenticated vulnerability that allows remote attackers to access live camera streams without credentials. Attackers can exploit the vulnerability to view unauthorized thermal camera video feeds across multiple camera...
CVE-2017-20213 FLIR Thermal Camera F/FC/PT/D Stream 8.0.0.64 Unauthenticated Stream Disclosure
FLIR Thermal Camera F/FC/PT/D Stream firmware version 8.0.0.64 contains an unauthenticated vulnerability that allows remote attackers to access live camera streams without credentials. Attackers can exploit the vulnerability to view unauthorized thermal camera video feeds across multiple camera...
CVE-2020-36925
Arteco Web Client DVR/NVR contains a session hijacking vulnerability with insufficient session ID complexity that allows remote attackers to bypass authentication. Attackers can brute force session IDs within a specific numeric range to obtain valid sessions and access live camera streams without...
CVE-2020-36925 Arteco Web Client DVR/NVR Session ID Brute Force Authentication Bypass
Arteco Web Client DVR/NVR contains a session hijacking vulnerability with insufficient session ID complexity that allows remote attackers to bypass authentication. Attackers can brute force session IDs within a specific numeric range to obtain valid sessions and access live camera streams without...
CVE-2020-36925
CVE-2020-36925 affects the Arteco Web Client DVR/NVR. The issue is a session hijacking vulnerability caused by insufficient session ID complexity, enabling attackers to brute‑force session IDs within a numeric range to bypass authentication and gain access to live camera streams. The available do...
CVE-2020-36925 Arteco Web Client DVR/NVR Session ID Brute Force Authentication Bypass
Arteco Web Client DVR/NVR contains a session hijacking vulnerability with insufficient session ID complexity that allows remote attackers to bypass authentication. Attackers can brute force session IDs within a specific numeric range to obtain valid sessions and access live camera streams without...
CVE-2018-25141 FLIR Thermal Traffic Cameras V1.01-0bb5b27 Unauthenticated RTSP Stream Disclosure
FLIR thermal traffic cameras contain an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly retrieve video streams by accessing specific endpoints like /live.mjpeg, /snapshot.jpg, and RTSP streaming URLs without...
CVE-2018-25141 FLIR Thermal Traffic Cameras V1.01-0bb5b27 Unauthenticated RTSP Stream Disclosure
FLIR thermal traffic cameras contain an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly retrieve video streams by accessing specific endpoints like /live.mjpeg, /snapshot.jpg, and RTSP streaming URLs without...
Beward N100 安全漏洞
Beward N100 is an IP video codec open source from Beward, Russia. A security vulnerability exists in Beward N100 version M2.1.6.04C014, which stems from a lack of authentication in the video access mechanism and could lead to unauthorized access to live video streams...
PT-2025-53326
Name of the Vulnerable Software and Affected Versions Rifatron 5brid DVR versions HD6-532/516, DX6-516/508/504, MX6-516/508/504, EH6-504 Description The Rifatron 5brid DVR contains a flaw in the animate.cgi script that permits unauthorized access to live video streams. An attacker can leverage th...
PT-2025-53361
FLIR thermal traffic cameras contain an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly retrieve video streams by accessing specific endpoints like /live.mjpeg, /snapshot.jpg, and RTSP streaming URLs without...
📄 GALAYOU G2 IP Camera Authentication Bypass
A critical authentication bypass vulnerability exists in the RTSP service of the GALAYOU G2 IP camera. The device exposes multiple RTSP stream endpoints that can be accessed without valid credentials, even when authentication is enabled...
Xiongmai XM530 安全漏洞
Xiongmai XM530 is a video surveillance camera from the Chinese company Xiongmai. A security vulnerability exists in the Xiongmai XM530 IP cameras Firmware version V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06, which stems from an authentication bypass, and could lead to unauthorized, remote...
CVE-2021-47727
Selea Targa IP OCR-ANPR Camera contains an unauthenticated vulnerability that allows remote attackers to access live video streams without authentication. Attackers can directly connect to RTP/RTSP or M-JPEG streams by requesting specific endpoints like p1.mjpg or p1.264 to view camera footage...
EUVD-2021-34743
Selea Targa IP OCR-ANPR Camera contains an unauthenticated vulnerability that allows remote attackers to access live video streams without authentication. Attackers can directly connect to RTP/RTSP or M-JPEG streams by requesting specific endpoints like p1.mjpg or p1.264 to view camera footage...
CVE-2021-47727
Selea Targa IP OCR-ANPR Camera contains an unauthenticated vulnerability that allows remote attackers to access live video streams without authentication. Attackers can directly connect to RTP/RTSP or M-JPEG streams by requesting specific endpoints like p1.mjpg or p1.264 to view camera footage...
CVE-2021-47727 Selea Targa IP Camera Unauthenticated Stream Disclosure
Selea Targa IP OCR-ANPR Camera contains an unauthenticated vulnerability that allows remote attackers to access live video streams without authentication. Attackers can directly connect to RTP/RTSP or M-JPEG streams by requesting specific endpoints like p1.mjpg or p1.264 to view camera footage...
CVE-2021-47727 Selea Targa IP Camera Unauthenticated Stream Disclosure
Selea Targa IP OCR-ANPR Camera contains an unauthenticated vulnerability that allows remote attackers to access live video streams without authentication. Attackers can directly connect to RTP/RTSP or M-JPEG streams by requesting specific endpoints like p1.mjpg or p1.264 to view camera footage...
CVE-2020-25747
The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras firmware versions v342, v339 can allow a remote attacker to gain access to RTSP and ONFIV services without authentication. Thus, the attacker can watch live streams from the camera, rotate the camera, change some settings...