235 matches found
PT-2026-22173
Name of the Vulnerable Software and Affected Versions Pelco Sarix Professional 3 Series Cameras affected versions not specified Description The Pelco Sarix Professional 3 Series Cameras have a flaw in their web management interface related to insufficient access control enforcement. This allows...
CVE-2026-26340
Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior expose RTSP streams without requiring authentication. A remote attacker can connect to the RTSP service and access live video/audio streams without valid credentials, resulting in unauthorized disclosure of...
CVE-2026-26340
Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior expose RTSP streams without requiring authentication. A remote attacker can connect to the RTSP service and access live video/audio streams without valid credentials, resulting in unauthorized disclosure of...
CVE-2026-26340
Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior expose RTSP streams without requiring authentication. A remote attacker can connect to the RTSP service and access live video/audio streams without valid credentials, resulting in unauthorized disclosure of...
Tattile Cameras 1.181.5 Unauthenticated RTSP Stream Disclosure
Summary Tattile is an Italian manufacturer specializing in advanced ANPR/ALPR, traffic‑enforcement, and machine‑vision camera systems used across intelligent transportation networks, tolling infrastructures, access‑control environments, and industrial automation. Their portfolio includes...
CVE-2025-66049
Vivotek IP7137 camera with firmware version 0200a is vulnerable to an information disclosure issue where live camera footage can be accessed through the RTSP protocol on port 8554 without requiring authentication. This allows unauthorized users with network access to view the camera's feed,...
CVE-2024-34896
An issue in Nedis SmartLife Video Doorbell WIFICDP10GY, Nedis SmartLife IOS v1.4.0 causes users who are disconnected from a previous peer-to-peer connection with the device to still have access to live video feed...
CVE-2025-23969
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in whassan KI Live Video Conferences ki-live-video-conferences allows Retrieve Embedded Sensitive Data.This issue affects KI Live Video Conferences: from n/a through = 5.5.15...
CVE-2017-20213
FLIR Thermal Camera F/FC/PT/D Stream firmware version 8.0.0.64 contains an unauthenticated vulnerability that allows remote attackers to access live camera streams without credentials. Attackers can exploit the vulnerability to view unauthorized thermal camera video feeds across multiple camera...
FLIR Thermal Camera 访问控制错误漏洞
FLIR Thermal Camera F Series and others are a series of thermal imaging cameras from FLIR, USA. An access control error vulnerability exists in FLIR Thermal Camera F/FC/PT/D Stream version 8.0.0.64, which stems from a lack of authentication and could lead to unauthorized access to the live video...
CVE-2024-58336
Akuvox Smart Intercom S539 contains an unauthenticated vulnerability that allows remote attackers to access live video streams by requesting the video.cgi endpoint on port 8080. Attackers can retrieve video stream data without authentication by directly accessing the specified endpoint on affecte...
CVE-2024-58336
CVE-2024-58336 affects Akuvox Smart Intercom S539. The vulnerability enables unauthenticated remote access to live video streams by calling the video.cgi endpoint on port 8080, exposing confidentiality as described in multiple sources. Impact is the exposure of video data without authentication; ...
CVE-2024-58336 Akuvox Smart Intercom S539 Unauthenticated Video Stream Disclosure
Akuvox Smart Intercom S539 contains an unauthenticated vulnerability that allows remote attackers to access live video streams by requesting the video.cgi endpoint on port 8080. Attackers can retrieve video stream data without authentication by directly accessing the specified endpoint on affecte...
CVE-2024-58336 Akuvox Smart Intercom S539 Unauthenticated Video Stream Disclosure
Akuvox Smart Intercom S539 contains an unauthenticated vulnerability that allows remote attackers to access live video streams by requesting the video.cgi endpoint on port 8080. Attackers can retrieve video stream data without authentication by directly accessing the specified endpoint on affecte...
PT-2025-54256
Name of the Vulnerable Software and Affected Versions Akuvox Smart Intercom S539 affected versions not specified Description A flaw exists in Akuvox Smart Intercom S539 that permits remote attackers to gain access to live video streams without authentication. This is achieved by requesting the...
CVE-2019-25248
Beward N100 M2.1.6.04C014 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly retrieve the camera's RTSP stream by exploiting the lack of authentication in the video access mechanism...
CVE-2019-25236
iSeeQ Hybrid DVR WH-H4 1.03R contains an unauthenticated vulnerability in the getjpeg script that allows unauthorized access to live video streams. Attackers can retrieve video snapshots from specific camera channels by sending requests to the /cgi-bin/getjpeg endpoint without authentication...
CVE-2019-25240
Rifatron 5brid DVR contains an unauthenticated vulnerability in the animate.cgi script that allows unauthorized access to live video streams. Attackers can exploit the Mobile Web Viewer module by specifying channel numbers to retrieve sequential video snapshots without authentication...
CVE-2018-25141
FLIR thermal traffic cameras contain an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly retrieve video streams by accessing specific endpoints like /live.mjpeg, /snapshot.jpg, and RTSP streaming URLs without...
CVE-2018-25136
FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can retrieve video stream images by directly accessing multiple image endpoints like middleImage.jpg, rightimage.jpg, and...