Lucene search
K

242 matches found

CNVD
CNVD
added 2017/03/14 12:0 a.m.4 views

Hikvision NVR Buffer Overflow Vulnerability

The Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 are both hard disk recorders from Hikvision, a Chinese company. A buffer overflow vulnerability exists in the Hikvision NVRs. It allows an attacker to cause a denial of service service interruption via a crafted HTTP request i.e. SDK issue...

6.8CVSS7.1AI score0.0128EPSS
Exploits0References1
CNVD
CNVD
added 2016/08/14 12:0 a.m.5 views

Elevation of Privilege Vulnerability in Multiple NUUO and NetGear Products

NUUO NVRmini 2 and NVRsolo are network video recorders.NetGear ReadyNAS Surveillance is a comprehensive IP video surveillance solution that integrates video surveillance software, storage, switching, and network management.NUUO Crystal is a Linux-based enterprise VMS Virtual Memory System NUUO...

10CVSS8AI score0.9461EPSS
Exploits11References1
CNVD
CNVD
added 2016/08/09 12:0 a.m.4 views

NUUO NVRmini 2 Arbitrary Code Execution Vulnerability

NUUO provides a stable and high performance digital networked surveillance system. The NUUO NVRmini 2 suffers from an arbitrary code execution vulnerability that can be exploited by an attacker to inject and execute arbitrary code with root privileges due to unauthenticated and hidden debug scrip...

8.2AI score
Exploits0References1
OpenVAS
OpenVAS
added 2016/08/08 12:0 a.m.17 views

NUUO Device Detection (HTTP)

HTTP based detection of NUUO devices. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.105855";...

7.4AI score
Exploits0References1
OpenVAS
OpenVAS
added 2016/08/08 12:0 a.m.311 views

NUUO Network Video Recorder Default Credentials (HTTP)

The remote NUUO Network Video Recorder web interface is using known default credentials. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS9.7AI score0.02878EPSS
Exploits0References1
0day.today
0day.today
added 2016/08/05 12:0 a.m.109 views

NUUO NVRmini2 / NVRsolo / Crystal Devices / Netgear ReadyNAS Surveillance Application - Multiple Vul

Exploit for hardware platform in category remote exploits Multiple vulnerabilities in NUUO NVRmini2 / NVRsolo / Crystal devices and NETGEAR ReadyNAS Surveillance application Discovered by Pedro Ribeiro email protected, Agile Information Security http://www.agileinfosec.co.uk/...

10CVSS0.5AI score0.9461EPSS
Exploits15
Exploit DB
Exploit DB
added 2016/08/05 12:0 a.m.74 views

NUUO NVRmini2 / NVRsolo / Crystal Devices / NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities

Multiple vulnerabilities in NUUO NVRmini2 / NVRsolo / Crystal devices and NETGEAR ReadyNAS Surveillance application Discovered by Pedro Ribeiro [email protected], Agile Information Security http://www.agileinfosec.co.uk/ ==========================================================================...

10CVSS8.2AI score0.9461EPSS
Exploits13
Packet Storm
Packet Storm
added 2016/05/16 12:0 a.m.38 views

TP-Link SC2020n Authenticated Telnet Injection

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'TP-Link SC2020n Authenticated Telnet Injection', 'Description' = %q The TP-Link SC2020n Network Video Camera is vulnerable to O...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2016/03/12 12:0 a.m.43 views

Netgear ReadyNAS Remote Code Execution

Unauthenticated Remote Command Execution in Netgear ReadyNAS Surveillance ========================================================================= Product Description =================== Netgear ReadyNAS Surveillance is a NVR Network Video Recorder available for Netgear NAS systems. Vulnerabilit...

0.2AI score
Exploits0
CNVD
CNVD
added 2016/01/16 12:0 a.m.4 views

Samsung SRN-1670D Weak Custom Encryption Algorithm Vulnerability

Samsung SRN-1670D is a network video recorder product. The Samsung SRN-1670D uses a weakly customizable encryption algorithm based on simple different-or operations, which allows remote attackers to exploit the vulnerability to obtain arbitrary files and user credentials...

7.8CVSS7AI score0.03779EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2015/10/02 12:0 a.m.54 views

Bosch Security Systems Dinion NBN-498 XML Injection

Exploit Title: Bosch Security Systems - XML Injection - Dinion NBN-498 Web Interface Date: 01/09/2015 Exploit Author: neom22 Vendor Homepage: http://us.boschsecurity.com Data Sheet: http://resource.boschsecurity.us/documents/DatasheetenUS9007201286798987.pdf Version: Hardware Firmware 4.54.0026 -...

9.7AI score0.05347EPSS
Exploits5
exploitpack
exploitpack
added 2015/10/01 12:0 a.m.58 views

Bosch Security Systems Dinion NBN-498 - Web Interface XML Injection

Bosch Security Systems Dinion NBN-498 - Web Interface XML Injection Exploit Title: Bosch Security Systems - XML Injection - Dinion NBN-498 Web Interface Date: 01/09/2015 Exploit Author: neom22 Vendor Homepage: http://us.boschsecurity.com Data Sheet:...

7.5CVSS9.9AI score0.05347EPSS
Exploits5
Exploit DB
Exploit DB
added 2015/10/01 12:0 a.m.54 views

Bosch Security Systems Dinion NBN-498 - Web Interface XML Injection

Exploit Title: Bosch Security Systems - XML Injection - Dinion NBN-498 Web Interface Date: 01/09/2015 Exploit Author: neom22 Vendor Homepage: http://us.boschsecurity.com Data Sheet: http://resource.boschsecurity.us/documents/DatasheetenUS9007201286798987.pdf Version: Hardware Firmware 4.54.0026 -...

9.8CVSS9.7AI score0.05347EPSS
Exploits5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Seyeon FlexWATCH Network Video Server 2.2 Unauthorized Administrative Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8942/info It has been reported that FlexWATCH Network Video Server may be prone to an access validation error that may allow a remote attacker to gain administrative access to the system. The problem is reported to presen...

7.1AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2013/06/07 8:55 p.m.2 views

CVE-2013-0144

Cross-site request forgery CSRF vulnerability in cgi-bin/createuser.cgi on QNAP VioStor NVR devices with firmware 4.0.3 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts via a NEW USER action...

6.8CVSS5.7AI score0.00619EPSS
Exploits0References2
Nmap
Nmap
added 2012/01/31 8:22 p.m.451 views

http-qnap-nas-info NSE Script

Attempts to retrieve the model, firmware version, and enabled services from a QNAP Network Attached Storage NAS device. Script Arguments slaxml.debug See the documentation for the slaxml library. http.host, http.max-body-size, http.max-cache-size, http.max-pipeline, http.pipeline,...

10CVSS9.2AI score0.99448EPSS
Exploits33
Prion
Prion
added 2007/08/29 1:17 a.m.20 views

Path traversal

Multiple absolute path traversal vulnerabilities in the nvUtility.Utility.1 ActiveX control in nvUtility.dll 1.0.14.0 in ACTi Network Video Recorder NVR SP2 2.0 allow remote attackers to 1 create or overwrite arbitrary files via a full pathname in the first argument to the SaveXMLFile method or 2...

5CVSS7.5AI score0.08045EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2007/08/29 1:17 a.m.10 views

CVE-2007-4583

Multiple absolute path traversal vulnerabilities in the nvUtility.Utility.1 ActiveX control in nvUtility.dll 1.0.14.0 in ACTi Network Video Recorder NVR SP2 2.0 allow remote attackers to 1 create or overwrite arbitrary files via a full pathname in the first argument to the SaveXMLFile method or 2...

5CVSS7AI score0.08045EPSS
Exploits0References9
CVE
CVE
added 2007/08/29 1:0 a.m.48 views

CVE-2007-4582

CVE-2007-4582 describes a buffer overflow in the nvUnifiedControl.AUnifiedControl.1 ActiveX control (nvUnifiedControl.dll 1.1.45.0) used by ACTi Network Video Recorder (NVR) SP2 2.0. An attacker can trigger the overflow by passing a long second argument to the SetText method, enabling remote code...

7.5CVSS7.9AI score0.09965EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2005/05/10 4:0 a.m.23 views

CVE-2003-1160

FlexWATCH Network video server 132 allows remote attackers to bypass authentication and gain administrative privileges via an HTTP request to aindex.htm that contains double leading slashes //...

7.2AI score0.0535EPSS
Exploits1References6
Rows per page
Query Builder