EUVD-2026-36326

An authenticated format string vulnerability exists in the ONVIF service of Tapo C110 v2 due to improper handling of user-controlled input. Externally controlled data is interpreted as a format string, which can be used to manipulate stack memory, including control flow data such as return...

CVE-2026-6250

An authenticated format string vulnerability exists in the ONVIF service of Tapo C110 v2 due to improper handling of user-controlled input. Externally controlled data is interpreted as a format string, which can be used to manipulate stack memory, including control flow data such as return...

CVE-2026-6250

The CVE-2026-6250 entry documents an authenticated format-string vulnerability in the ONVIF service of the TP-Link Tapo C110 v2. The issue arises from improper handling of user-controlled input, where externally controlled data is interpreted as a format string. This allows an authenticated remot...

CVE-2026-6250 Authenticated Format String Injection on TP-Link Tapo C110

An authenticated format string vulnerability exists in the ONVIF service of Tapo C110 v2 due to improper handling of user-controlled input. Externally controlled data is interpreted as a format string, which can be used to manipulate stack memory, including control flow data such as return...

PT-2026-48786

An authenticated format string vulnerability exists in the ONVIF service of Tapo C110 v2 due to improper handling of user-controlled input. Externally controlled data is interpreted as a format string, which can be used to manipulate stack memory, including control flow data such as return...

CVE-2026-6240

A stack-based buffer overflow vulnerability exists in Tapo C520WS v2 in the ONVIF DeleteUsers service, due to insufficient boundary checks when handling multiple user deletion parameters. An authenticated attacker can send a crafted malicious request containing an excessive number of identifiers ...

PT-2026-47077

A stack-based buffer overflow vulnerability exists in Tapo C520WS v2 in the ONVIF DeleteUsers service, due to insufficient boundary checks when handling multiple user deletion parameters. An authenticated attacker can send a crafted malicious request containing an excessive number of identifiers ...

CVE-2025-69986

A buffer overflow vulnerability exists in the ONVIF GetStreamUri function of LSC Indoor Camera V7.6.32. The application fails to validate the length of the Protocol parameter inside the Transport element. By sending a specially crafted SOAP request containing an oversized protocol string, an...

CVE-2025-11852

A vulnerability was found in Apeman ID71 218.53.203.117. The impacted element is an unknown function of the file /onvif/deviceservice of the component ONVIF Service. Performing manipulation results in missing authentication. The attack is possible to be carried out remotely. The exploit has been...

EUVD-2025-34825

A vulnerability was found in Apeman ID71 218.53.203.117. The impacted element is an unknown function of the file /onvif/deviceservice of the component ONVIF Service. Performing manipulation results in missing authentication. The attack is possible to be carried out remotely. The exploit has been...

CVE-2025-11852

A vulnerability was found in Apeman ID71 218.53.203.117. The impacted element is an unknown function of the file /onvif/deviceservice of the component ONVIF Service. Performing manipulation results in missing authentication. The attack is possible to be carried out remotely. The exploit has been...

CVE-2025-11852 Apeman ID71 ONVIF Service device_service missing authentication

A vulnerability was found in Apeman ID71 218.53.203.117. The impacted element is an unknown function of the file /onvif/deviceservice of the component ONVIF Service. Performing manipulation results in missing authentication. The attack is possible to be carried out remotely. The exploit has been...

Apeman ID71 访问控制错误漏洞

The Apeman ID71 is a webcam from Apeman. The Apeman ID71 suffers from an Access Control Error vulnerability that stems from a lack of authentication in the ONVIF Service component in the file /onvif/deviceservice, which could lead to a remote attack...

EUVD-2018-5060

Malware in sbrugna...

EUVD-2025-23188

Malicious code in bioql PyPI...

CVE-2025-50777

The firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera version V1.00.02 contains an Incorrect Access Control vulnerability that allows local attackers to gain root shell access. Once accessed, the device exposes critical data including Wi-Fi credentials and ONVIF service...

PT-2025-31430 · Aziot · Aziot 2Mp Full Hd Smart Wi-Fi Cctv Home Security Camera

Name of the Vulnerable Software and Affected Versions: AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera version V1.00.02 Description: The firmware contains an Incorrect Access Control vulnerability that allows local attackers to gain root shell access. Successful exploitation exposes...

Schneider Electric Pelco Endura NET55XX Encoder - Authentication Bypass Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Schneider Electric Pelco Endura NET55XX Encoder", 'Description' = %q This module exploits inadequate access controls within the webUI to enable t...

Schneider Electric Pelco Endura NET55XX Encoder

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Schneider Electric Pelco Endura NET55XX Encoder", 'Description' = %q This module exploits inadequate access controls within the webUI to enable...

Schneider Electric Pelco Endura NET55XX Encoder

This module exploits inadequate access controls within the webUI to enable the SSH service and change the root password. This module has been tested successfully on: NET5501, NET5501-I, NET5501-XT, NET5504, NET5500, NET5516, NET550 versions. This module requires Metasploit:...