CVE-2026-12527

A broken authorization boundary in the RTSP media delivery pipeline of Shenzhen Liandian Communication Technology LTD V380 IP Camera firmware AppFHE1V1.0.6.020230803 enables unauthenticated network actors to bypass the device’s credential-enforced live-view workflow and directly retrieve real-tim...

EUVD-2026-37894

A broken authorization boundary in the RTSP media delivery pipeline of Shenzhen Liandian Communication Technology LTD V380 IP Camera firmware AppFHE1V1.0.6.020230803 enables unauthenticated network actors to bypass the device’s credential-enforced live-view workflow and directly retrieve real-tim...

Tattile Smart+ 访问控制错误漏洞

Tattile Smart+ is a smart license plate recognition camera developed by the Italian company Tattile. Tattile Smart+, Vega, and Basic 1.181.5 and earlier versions have an access control vulnerability. This vulnerability stems from the fact that RTSP streams do not require authentication, which may...

EUVD-2024-30995

Malicious code in bioql PyPI...

VulnCheck KEV: CVE-2023-34105

SRS is a real-time video server supporting RTMP, WebRTC, HLS, HTTP-FLV, SRT, MPEG-DASH, and GB28181. Prior to versions 5.0.157, 5.0-b1, and 6.0.48, SRS's api-server server is vulnerable to a drive-by command injection. An attacker may send a request to the /api/v1/snapshots endpoint containing an...

CVE-2024-33250

An issue in Open-Source Technology Committee SRS real-time video server RS/4.0.268Leo and SRS/4.0.195Leo allows a remote attacker to execute arbitrary code via a crafted request...

The vulnerability of the Ezviz Internet PT camera’s microprogramming software allows a intruder to gain unauthorized access to the real-time video stream.

The vulnerability of Ezviz Internet PT Camera’s microprogramming software lies in the ability to gain remote access to real-time video streams by creating RTSP packets with specific URL addresses. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to real-time vide...

CVE-2024-33250

An issue in Open-Source Technology Committee SRS real-time video server RS/4.0.268Leo and SRS/4.0.195Leo allows a remote attacker to execute arbitrary code via a crafted request...

PT-2024-25169 · Srs · Srs

Name of the Vulnerable Software and Affected Versions: Open-Source Technology Committee SRS real-time video server versions 4.0.195 through 4.0.268 Description: An issue in the SRS real-time video server allows a remote attacker to execute arbitrary code via a crafted request. Recommendations: Fo...

Fujitsu Limited Real-time Video Transmission Gear "IP series"

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Fujitsu Limited Equipment: Real-time Video Transmission Gear "IP series" Vulnerability: Use Of Hard-Coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker logging into...

Fujitsu Real-time Video Transmission Gear "IP series" uses a hard-coded credentials

Overview Real-time Video Transmission Gear "IP series" provided by Fujitsu Limited uses a hard-coded credentials CWE-798 . The product's credentials for factory testing may be obtained by reverse engineering and others. Fujitsu Limited reported this vulnerability to JPCERT/CC to notify users of i...

CVE-2023-38433

Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions...

Hardcoded credentials

Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions...

CVE-2023-38433

Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions...

CVE-2023-38433

CVE-2023-38433 affects Fujitsu Real-time Video Transmission Gear IP series. The vulnerability arises from hard-coded credentials (CWE-798) that could allow a remote, unauthenticated attacker to log in and initialize or reboot devices, terminating video transmission. Affected firmware versions inc...

The vulnerability of the configuration of HTTP proxy servers for WebKitGTK and WPE WebKit modules, which allow attackers to gain unauthorized access to protected information.

The vulnerability of the configuration of HTTP proxy servers for WebKitGTK and WPE WebKit modules related to improper data processing during real-time video loading. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

Unauthorized Access Vulnerability in PoE Infrared Webcam of P&L Technologies Ltd.

hereinafter referred to as "TP-LINK" is a leading global supplier of network communication equipment. TP-LINK's PoE infrared webcam has an unauthorized access vulnerability, which can be exploited by attackers to directly steal real-time video streams by constructing usernames and passwords at...

BEWARD Intercom 2.3.1 - Credentials Disclosure

!/usr/bin/env python -- coding: utf8 -- BEWARD Intercom 2.3.1 Credentials Disclosure Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: 2.3.1.34471 2.3.0 2.2.11 2.2.10.5 2.2.9 2.2.8.9 2.2.7.4 Note: For versions above 2.2.11: The application data directory, whic...

BEWARD Intercom 2.3.1 Credential Disclosure

!/usr/bin/env python -- coding: utf8 -- BEWARD Intercom 2.3.1 Credentials Disclosure Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: 2.3.1.34471 2.3.0 2.2.11 2.2.10.5 2.2.9 2.2.8.9 2.2.7.4 Note: For versions above 2.2.11: The application data directory, whic...

Dahua Camera onvif Protocol Authentication Vulnerability

Zhejiang Dahua Technology Co., Ltd. is a leading supplier of surveillance products and solution service providers, providing leading video storage, front-end, display control and intelligent transportation series of products for the world. Dahua IPC-HF2100 and other cameras onvif protocol snapsho...