15 matches found
CVE-2019-25436
Sricam DeviceViewer 3.12.0.1 contains a password change security bypass vulnerability that allows authenticated users to change passwords without proper validation of the old password field. Attackers can inject a large payload into the old password parameter during the change password process to...
CVE-2019-25435
Sricam DeviceViewer 3.12.0.1 contains a local buffer overflow vulnerability in the user management add user function that allows authenticated attackers to execute arbitrary code by bypassing data execution prevention. Attackers can inject a malicious payload through the Username field in User...
CVE-2019-25436
Sricam DeviceViewer 3.12.0.1 contains a password change security bypass vulnerability that allows authenticated users to change passwords without proper validation of the old password field. Attackers can inject a large payload into the old password parameter during the change password process to...
CVE-2019-25436
Sricam DeviceViewer 3.12.0.1 contains a password change security bypass vulnerability that allows authenticated users to change passwords without proper validation of the old password field. Attackers can inject a large payload into the old password parameter during the change password process to...
CVE-2019-25436 Sricam DeviceViewer 3.12.0.1 Password Change Security Bypass
Sricam DeviceViewer 3.12.0.1 contains a password change security bypass vulnerability that allows authenticated users to change passwords without proper validation of the old password field. Attackers can inject a large payload into the old password parameter during the change password process to...
CVE-2019-25436 Sricam DeviceViewer 3.12.0.1 Password Change Security Bypass
Sricam DeviceViewer 3.12.0.1 contains a password change security bypass vulnerability that allows authenticated users to change passwords without proper validation of the old password field. Attackers can inject a large payload into the old password parameter during the change password process to...
CVE-2019-25435 Sricam DeviceViewer 3.12.0.1 Local Buffer Overflow DEP Bypass
Sricam DeviceViewer 3.12.0.1 contains a local buffer overflow vulnerability in the user management add user function that allows authenticated attackers to execute arbitrary code by bypassing data execution prevention. Attackers can inject a malicious payload through the Username field in User...
CVE-2019-25435
CVE-2019-25435 affects Sricam DeviceViewer 3.12.0.1. The issue is a local, stack‑based buffer overflow in the User Management → Add User function. An attacker with authenticated access can bypass DEP and inject a payload via the Username field to execute arbitrary code through a ROP chain. The re...
Sricam DeviceViewer 安全漏洞
Sricam DeviceViewer is a monitoring video management software developed by Sricam Corporation. Version 3.12.0.1 of Sricam DeviceViewer contains a security vulnerability. This vulnerability stems from a stack buffer overflow issue in the user management feature, which may allow authenticated...
PT-2026-21313
Sricam DeviceViewer 3.12.0.1 contains a password change security bypass vulnerability that allows authenticated users to change passwords without proper validation of the old password field. Attackers can inject a large payload into the old password parameter during the change password process to...
Sricam DeviceViewer 安全漏洞
Sricam DeviceViewer is a monitoring video management software developed by Sricam Corporation in China. Version 3.12.0.1 of Sricam DeviceViewer contains a security vulnerability. This vulnerability stems from improper validation of the old password field, which may allow authenticated users to...
DeviceViewer 3.12.0.1 - 'add user' Local Buffer Overflow (DEP Bypass)
Exploit Title: Sricam DeviceViewer 3.12.0.1 - 'add user' Local Buffer Overflow DEP Bypass Date: 08/10/2019 Exploit Author: Alessandro Magnosi Vendor Homepage: http://www.sricam.com/ Software Link: http://download.sricam.com/Manual/DeviceViewer.exe Version: v3.12.0.1 Exploit type: Local Tested on:...
DeviceViewer 3.12.0.1 Local Buffer Overflow
Exploit Title: Sricam DeviceViewer 3.12.0.1 - 'add user' Local Buffer Overflow DEP Bypass Date: 08/10/2019 Exploit Author: Alessandro Magnosi Vendor Homepage: http://www.sricam.com/ Software Link: http://download.sricam.com/Manual/DeviceViewer.exe Version: v3.12.0.1 Exploit type: Local Tested on:...
DeviceViewer 3.12.0.1 - add user Local Buffer Overflow (DEP Bypass)
DeviceViewer 3.12.0.1 - add user Local Buffer Overflow DEP Bypass Exploit Title: Sricam DeviceViewer 3.12.0.1 - 'add user' Local Buffer Overflow DEP Bypass Date: 08/10/2019 Exploit Author: Alessandro Magnosi Vendor Homepage: http://www.sricam.com/ Software Link:...
DeviceViewer 3.12.0.1 - (add user) Local Buffer Overflow (DEP Bypass) Exploit
Exploit Title: Sricam DeviceViewer 3.12.0.1 - 'add user' Local Buffer Overflow DEP Bypass Date: 08/10/2019 Exploit Author: Alessandro Magnosi Vendor Homepage: http://www.sricam.com/ Software Link: http://download.sricam.com/Manual/DeviceViewer.exe Version: v3.12.0.1 Exploit type: Local Tested on:...