427 matches found
Reolink P2P/UID Service Detection
Binary data reolinknetworkcamerap2puiddetect.nbin...
CVE-2024-26548
An issue in vivotek Network Camera v.FD8166A-VVTK-0204j allows a remote attacker to execute arbitrary code via a crafted payload to the uploadfile.cgi component...
CVE-2023-22370
Stored cross-site scripting vulnerability in Wired/Wireless LAN Pan/Tilt Network Camera CS-WMV02G all versions allows a network-adjacent authenticated attacker to inject an arbitrary script. NOTE: This vulnerability only affects products that are no longer supported by the developer...
CVE-2017-9829
'/cgi-bin/admin/downloadMedias.cgi' of the web service in most of the VIVOTEK Network Cameras is vulnerable, which allows remote attackers to read any file on the camera's Linux filesystem via a crafted HTTP request containing ".." sequences. This vulnerability is already verified on VIVOTEK...
D-Link DCS-932L /sbin/ucp file buffer overflow vulnerability
The D-Link DCS-932L is a network surveillance camera from China AUO D-Link. It is used for security and surveillance. The D-Link DCS-932L suffers from a buffer overflow vulnerability that originates from the failure of the parameter CameraName in the file /sbin/ucp to properly validate the length...
D-Link DCS-932L /bin/gpio file buffer overflow vulnerability
The D-Link DCS-932L is a network surveillance camera from China AUO D-Link. It is used for security and surveillance. The D-Link DCS-932L suffers from a buffer overflow vulnerability that originates from the failure of the parameter CameraName in the file /bin/gpio to properly validate the length...
Edimax Network Cameras Detection
Binary data edimaxnetworkcameradetected.nbin...
Axis Communications Network Cameras and Video Servers Unauthenticated Device Administration (CVE-2004-2427)
Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to obtain sensitive information via direct requests to 1 admin/getparam.cgi, 2 admin/systemlog.cgi, 3 admin/serverreport.cgi, and 4 admin/paramlist.cgi, modify system information via 5 setparam.cgi an...
JVN#11779839: Hikvision network camera security enhancement to prevent cleartext transmission of Dynamic DNS credentials
Multiple network cameras provided by Hangzhou Hikvision Digital Technology Co., Ltd. support two Dynamic DNS services, DynDNS and NO-IP. The user can select which to use on the GUI configuration page. Both the services provide their APIs accessible via HTTP and HTTPS, but old firmware versions of...
Sony Network Cameras OS Command Injection (CVE-2018-3937)
An exploitable command injection vulnerability exists in the measurementBitrateExec functionality of Sony IPELA E Series Network Camera G5 firmware 1.87.00. A specially crafted GET request can cause arbitrary commands to be executed. An attacker can send an HTTP request to trigger this...
CVE-2024-26548
An issue in vivotek Network Camera v.FD8166A-VVTK-0204j allows a remote attacker to execute arbitrary code via a crafted payload to the uploadfile.cgi component...
CVE-2024-26548
An issue in vivotek Network Camera v.FD8166A-VVTK-0204j allows a remote attacker to execute arbitrary code via a crafted payload to the uploadfile.cgi component...
Design/Logic Flaw
An issue in vivotek Network Camera v.FD8166A-VVTK-0204j allows a remote attacker to execute arbitrary code via a crafted payload to the uploadfile.cgi component...
PT-2024-21419 · Vivotek · Vivotek Network Cameras
Name of the Vulnerable Software and Affected Versions: vivotek Network Camera version v.FD8166A-VVTK-0204j Description: An issue in the vivotek Network Camera allows a remote attacker to execute arbitrary code via a crafted payload to the "upload file.cgi" component. Recommendations: For version...
CVE-2024-26548
An issue in vivotek Network Camera v.FD8166A-VVTK-0204j allows a remote attacker to execute arbitrary code via a crafted payload to the uploadfile.cgi component...
CVE-2024-26548
The CVE-2024-26548 affects the vivotek Network Camera v.FD8166A-VVTK-0204j. A remote attacker can achieve arbitrary code execution by sending a crafted payload to the upload_file.cgi component. Documented impact is high (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, base 9.8). The root cause is ...
PT-2023-8872 · Uniview · Uniview Ip Camera
Name of the Vulnerable Software and Affected Versions: Uniview IP Camera affected versions not specified Description: The issue is related to identification and authentication failure at the web-based management interface of Uniview IP Camera. A remote attacker could exploit this by sending...
GeoVision GV-ADR2701 授权问题漏洞
Geovision GeoVision GV-ADR2701 is an outdoor fixed network camera from Geovision, a Chinese company. An authorization issue vulnerability exists in GeoVision GV-ADR2701 version V1.0020171215, which stems from the presence of improper authentication issues that allow an attacker to log in to the...
ELECOM WRC 命令注入漏洞
The ELECOM WRC is a network camera for the home from ELECOM Japan. A command injection vulnerability exists in the ELECOM WRC-1167GHBK-S v1.03 and earlier and WRC-1167GBBK-S v1.03 and earlier, which originates from a vulnerability that allows network-adjacent authenticated attackers to execute...
ELECOM WRC 操作系统命令注入漏洞
The ELECOM WRC is a home-ready network camera from ELECOM Japan. A security vulnerability exists in ELECOM WRC-1167FEBK-A v1.18 and earlier versions, which stems from the presence of operating system command injection, where a network-adjacent authenticated attacker can execute arbitrary operatin...