27 matches found
EUVD-2018-4629
Malware in sbrugna...
EUVD-2018-4626
Malware in sbrugna...
EUVD-2018-4622
Malware in sbrugna...
EUVD-2018-4628
Malware in sbrugna...
EUVD-2018-4630
Malware in sbrugna...
EUVD-2018-4627
Malware in sbrugna...
CVE-2018-12674
The SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B stores the username and password within the cookies of a session. If an attacker gained access to these session cookies, it would be possible to gain access to the username and password of the logged-in...
CVE-2018-12674
The SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B stores the username and password within the cookies of a session. If an attacker gained access to these session cookies, it would be possible to gain access to the username and password of the logged-in...
CVE-2018-12675
The SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B does not perform origin checks on URLs that the camera's web interface redirects a user to. This can be leveraged to send a user to an unexpected endpoint...
CVE-2018-12667
The SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B is affected by an improper authentication vulnerability that allows requests to be made to back-end CGI scripts without a valid session. This vulnerability could be used to read and modify the...
Default credentials
The SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B stores the username and password within the cookies of a session. If an attacker gained access to these session cookies, it would be possible to gain access to the username and password of the logged-in...
CVE-2018-12667
The SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B is affected by an improper authentication vulnerability that allows requests to be made to back-end CGI scripts without a valid session. This vulnerability could be used to read and modify the...
CVE-2018-12671
An attacker with remote access to the SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B web interface can disclose information about the camera including all password sets set within the camera. This information can then be used to gain access to the web...
Authentication flaw
The SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B is affected by an improper authentication vulnerability that allows requests to be made to back-end CGI scripts without a valid session. This vulnerability could be used to read and modify the...
Design/Logic Flaw
The SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B does not perform origin checks on URLs that the camera's web interface redirects a user to. This can be leveraged to send a user to an unexpected endpoint...
CVE-2018-12672
The SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B does not perform proper validation on user-supplied input and is vulnerable to cross-site scripting attacks. If proper authorization was implemented, this vulnerability could be leveraged to perform actions on behalf of another user or th...
Cross site scripting
The SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B does not perform proper validation on user-supplied input and is vulnerable to cross-site scripting attacks. If proper authorization was implemented, this vulnerability could be leveraged to perform actions on behalf of another user or th...
Information disclosure
An attacker with remote access to the SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B web interface can disclose information about the camera including all password sets set within the camera. This information can then be used to gain access to the web...
CVE-2018-12673
An attacker with remote access to the SV3C HD Camera L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B web interface can disclose information about the camera including camera hardware, wireless network, and local area network information...
CVE-2018-12671
The CVE-2018-12671 entry concerns SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B). The vulnerability allows a remote attacker who can access the camera’s web interface to disclose information about the camera, including all password sets stored within t...