27 matches found
EUVD-2018-4627
Malware in sbrugna...
EUVD-2018-4626
Malware in sbrugna...
EUVD-2018-4628
Malware in sbrugna...
EUVD-2018-4622
Malware in sbrugna...
EUVD-2018-4629
Malware in sbrugna...
EUVD-2018-4630
Malware in sbrugna...
CVE-2018-12675
The SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B does not perform origin checks on URLs that the camera's web interface redirects a user to. This can be leveraged to send a user to an unexpected endpoint...
CVE-2018-12674
The SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B stores the username and password within the cookies of a session. If an attacker gained access to these session cookies, it would be possible to gain access to the username and password of the logged-in...
CVE-2018-12674
The SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B stores the username and password within the cookies of a session. If an attacker gained access to these session cookies, it would be possible to gain access to the username and password of the logged-in...
Cross site scripting
The SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B does not perform proper validation on user-supplied input and is vulnerable to cross-site scripting attacks. If proper authorization was implemented, this vulnerability could be leveraged to perform actions on behalf of another user or th...
CVE-2018-12667
The SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B is affected by an improper authentication vulnerability that allows requests to be made to back-end CGI scripts without a valid session. This vulnerability could be used to read and modify the...
CVE-2018-12671
An attacker with remote access to the SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B web interface can disclose information about the camera including all password sets set within the camera. This information can then be used to gain access to the web...
CVE-2018-12672
The SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B does not perform proper validation on user-supplied input and is vulnerable to cross-site scripting attacks. If proper authorization was implemented, this vulnerability could be leveraged to perform actions on behalf of another user or th...
CVE-2018-12673
An attacker with remote access to the SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B web interface can disclose information about the camera including camera hardware, wireless network, and local area network information...
Authentication flaw
The SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B is affected by an improper authentication vulnerability that allows requests to be made to back-end CGI scripts without a valid session. This vulnerability could be used to read and modify the...
Design/Logic Flaw
The SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B does not perform origin checks on URLs that the camera's web interface redirects a user to. This can be leveraged to send a user to an unexpected endpoint...
Default credentials
The SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B stores the username and password within the cookies of a session. If an attacker gained access to these session cookies, it would be possible to gain access to the username and password of the logged-in...
CVE-2018-12667
The SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B is affected by an improper authentication vulnerability that allows requests to be made to back-end CGI scripts without a valid session. This vulnerability could be used to read and modify the...
Information disclosure
An attacker with remote access to the SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B web interface can disclose information about the camera including all password sets set within the camera. This information can then be used to gain access to the web...
CVE-2018-12667
The SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B is affected by an improper authentication vulnerability that allows requests to be made to back-end CGI scripts without a valid session. This vulnerability could be used to read and modify the...