CVE-2025-62674 Missing Authentication for RTSP in iCam Cameras

The affected product allows unauthenticated access to Real Time Streaming Protocol RTSP services, which may allow an attacker unauthorized access to camera configuration information...

EUVD-2023-32518

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-38382

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Live555 through 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and...

Linux Distros Unpatched Vulnerability : CVE-2020-24027

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Live Networks, Inc., liblivemedia version 20200625, there is a potential buffer overflow bug in the server handling of a RTSP PLAY command, when the command...

PT-2025-34462 · Reolink · Reolink Smart 2K+ Plug-In Wi-Fi Video Doorbell

Name of the Vulnerable Software and Affected Versions: Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime version 3.0.0.4662 2503122283 Description: An incorrect access control issue exists in the RTMP server settings. This allows attackers to cause a Denial of Service DoS by initiating a...

CVE-2023-28898

The Real-Time Streaming Protocol implementation in the MIB3 infotainment incorrectly handles requests to /logs URI, when the id parameter equals to zero. This issue allows an attacker connected to the in-vehicle Wi-Fi network to cause denial-of-service of the infotainment system, when the certain...

70mai Dash Cam 1S 安全漏洞

70mai Dash Cam 1S is a car recorder from 70mai 70mai. The 70mai Dash Cam 1S suffers from a security vulnerability that originates from the fact that an attacker can bypass the device authorization mechanism of the official mobile application by connecting directly to the device's network and...

PT-2024-34606 · Lsc · Lsc Smart Connect Indoor Ip Camera

Name of the Vulnerable Software and Affected Versions: LSC Smart Connect Indoor IP Camera version 7.6.32 Description: The issue allows unauthorized access to live camera footage through the RTSP protocol on port 8554 without requiring authentication, potentially compromising user privacy and...

The vulnerability of the Real-Time Streaming Protocol (RTSP) implementation of the D3D Security IP Camera D8801 software-based network IP camera allows a intruder to gain access to the video stream.

The vulnerability of the Real-Time Streaming Protocol RTSP implementation of the D3D Security IP Camera D8801 software-based network camera is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to gain access to the video stream using...

SUSE CVE-2024-44331

Incorrect Access Control in GStreamer RTSP server 1.25.0 in gst-rtsp-server/rtsp-media.c allows remote attackers to cause a denial of service via a series of specially crafted hexstream requests...

CVE-2024-47790 Missing Authorization Vulnerability

UNSUPPORTED WHEN ASSIGNED This vulnerability exists in D3D Security IP Camera D8801 due to usage of insecure Real-Time Streaming Protocol RTSP version for live video streaming. A remote attacker could exploit this vulnerability by crafting a RTSP packet leading to unauthorized access to live feed...

CVE-2024-47790 Missing Authorization Vulnerability

UNSUPPORTED WHEN ASSIGNED This vulnerability exists in D3D Security IP Camera D8801 due to usage of insecure Real-Time Streaming Protocol RTSP version for live video streaming. A remote attacker could exploit this vulnerability by crafting a RTSP packet leading to unauthorized access to live feed...

CVE-2024-47790

CVE-2024-47790 affects D3D Security IP Camera D8801; root cause is use of an insecure RTSP version for live video streaming, allowing a remote attacker to craft RTSP packets to gain unauthorized access to the live feed. The devices are noted as no longer supported by the maintainer, and no specif...

D3D Security IP Camera 安全漏洞

D3D Security IP Camera is a series of cameras from D3D Security. A security vulnerability exists in the D3D Security IP Camera that stems from the use of an insecure version of the Live Streaming Protocol for live video streaming, resulting in unauthorized access to real-time information on the...

PT-2024-32300 · Runofast · Runofast Indoor Security Camera For Baby Monitor

Name of the Vulnerable Software and Affected Versions: runofast Indoor Security Camera for Baby Monitor affected versions not specified Description: The issue concerns a default password set as password for the root account, allowing unauthorized access to the "/stream1" URI via the rtsp://...

EZVIZ CS-CV246 安全漏洞

EZVIZ CS-CV246 is a wireless camera from China Fluorite EZVIZ. A security vulnerability exists in EZVIZ CS-CV246 version V5.3.0 build 191225, which originates from allowing an unauthenticated host to access its live video stream by crafting a set of RTSP packets with a specific set of URLs that c...

PT-2024-28465 · Synology · Synology Camera Firmware

Name of the Vulnerable Software and Affected Versions: Synology Camera Firmware versions prior to 1.0.7-0298 Description: A vulnerability in the RTSP functionality allows man-in-the-middle attackers to bypass authentication and obtain privileges without consent via unspecified vectors. This issue...

CVE-2023-51624

D-Link DCS-8300LHV2 RTSP ValidateAuthorizationHeader Nonce Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DCS-8300LHV2 IP cameras. Authentication is not required to...

The vulnerability of the RTSP server of D-Link’s DCS-8300LHV2 wireless camera software allows a intruder to execute arbitrary code.

The vulnerability of the RTSP server of D-Link’s DCS-8300LHV2 wireless camera software lies in the reading of data outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2023-28898

The Real-Time Streaming Protocol implementation in the MIB3 infotainment incorrectly handles requests to /logs URI, when the id parameter equals to zero. This issue allows an attacker connected to the in-vehicle Wi-Fi network to cause denial-of-service of the infotainment system, when the certain...