22 matches found
CVE-2024-34896
An issue in Nedis SmartLife Video Doorbell WIFICDP10GY, Nedis SmartLife IOS v1.4.0 causes users who are disconnected from a previous peer-to-peer connection with the device to still have access to live video feed...
CloudEdge Online Cameras and App
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain access to live video feed and camera control. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...
EUVD-2017-17361
Malware in sbrugna...
EUVD-2024-35172
Malicious code in bioql PyPI...
EUVD-2024-46256
Malicious code in bioql PyPI...
CVE-2024-34896
An issue in Nedis SmartLife Video Doorbell WIFICDP10GY, Nedis SmartLife IOS v1.4.0 causes users who are disconnected from a previous peer-to-peer connection with the device to still have access to live video feed...
PT-2025-2423
Name of the Vulnerable Software and Affected Versions: Nedis SmartLife Video Doorbell WIFICDP10GY version 1.4.0 Nedis SmartLife IOS version 1.4.0 Description: The issue causes users who are disconnected from a previous peer-to-peer connection with the device to still have access to the live video...
CVE-2024-34896
An issue in Nedis SmartLife Video Doorbell WIFICDP10GY, Nedis SmartLife IOS v1.4.0 causes users who are disconnected from a previous peer-to-peer connection with the device to still have access to live video feed...
CVE-2024-34896
The CVE-2024-34896 entry concerns the Nedis SmartLife Video Doorbell (WIFICDP10GY) and Nedis SmartLife iOS app (v1.4.0). The connected Red Hat, NVD, and CVE records provide concrete detail: users who were previously connected via a peer-to-peer session can continue to access the live video feed e...
CVE-2024-34896
An issue in Nedis SmartLife Video Doorbell WIFICDP10GY, Nedis SmartLife IOS v1.4.0 causes users who are disconnected from a previous peer-to-peer connection with the device to still have access to live video feed...
CVE-2024-52327
The cloud service used by ECOVACS robot lawnmowers and vacuums allows authenticated attackers to bypass the PIN entry required to access the live video feed...
CVE-2024-52327
The cloud service used by ECOVACS robot lawnmowers and vacuums allows authenticated attackers to bypass the PIN entry required to access the live video feed...
CVE-2024-52327
CVE-2024-52327 affects ECOVACS cloud service for robot lawnmowers/vacuums; authenticated attackers can bypass PIN to access live video feed. Documented in multiple feeds with CVSS metrics (AV:N/AC:L/PR:L/UI:N/S:U for CVSS 3.1, and related CS metrics). The connected sources confirm the vulnerabili...
PT-2025-2925 · Ecovacs · Ecovacs
Name of the Vulnerable Software and Affected Versions: ECOVACS affected versions not specified Description: The issue allows authenticated attackers to bypass the PIN entry required to access the live video feed. This affects the cloud service used by ECOVACS robot lawnmowers and vacuums...
CVE-2017-8409
An issue was discovered on D-Link DCS-1130 devices. The device requires that a user logging to the device to provide a username and password. However, the device does not enforce the same restriction on a specific URL thereby allowing any attacker in possession of that to view the live video feed...
Default credentials
An issue was discovered on D-Link DCS-1130 devices. The device requires that a user logging to the device to provide a username and password. However, the device does not enforce the same restriction on a specific URL thereby allowing any attacker in possession of that to view the live video feed...
CVE-2017-8405
An issue was discovered on D-Link DCS-1130 and DCS-1100 devices. The binary rtspd in /sbin folder of the device handles all the rtsp connections received by the device. It seems that the binary loads at address 0x00012CF4 a flag called "Authenticate" that indicates whether a user should be...
CVE-2017-8409
The CVE-2017-8409 issue affects the D-Link DCS-1130 network camera. A missing authentication check on a specific URL allows an attacker to view the live video feed without credentials, increasing risk given there are many affected devices. The problem is due to inconsistent access restrictions on...
CVE-2017-8409
An issue was discovered on D-Link DCS-1130 devices. The device requires that a user logging to the device to provide a username and password. However, the device does not enforce the same restriction on a specific URL thereby allowing any attacker in possession of that to view the live video feed...
Here's How Hackers Could Have Spied On Your DJI Drone Account
Cybersecurity researchers at Check Point today revealed details of a potential dangerous vulnerability in DJI Drone web app that could have allowed attackers access user accounts and synced sensitive information within it, including flight records, location, live video camera feed, and photos tak...