Lucene search
K

117 matches found

BDU FSTEC
BDU FSTEC
added 2024/01/17 12:0 a.m.4 views

The vulnerability of the RTSP server of D-Link’s DCS-8300LHV2 wireless camera software allows a intruder to execute arbitrary code.

The vulnerability of the RTSP server of D-Link’s DCS-8300LHV2 wireless camera software lies in the reading of data outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.8CVSS8.2AI score0.01315EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2024/01/12 4:15 p.m.13 views

CVE-2023-28898

The Real-Time Streaming Protocol implementation in the MIB3 infotainment incorrectly handles requests to /logs URI, when the id parameter equals to zero. This issue allows an attacker connected to the in-vehicle Wi-Fi network to cause denial-of-service of the infotainment system, when the certain...

5.3CVSS5.2AI score0.00231EPSS
Exploits0References1
Prion
Prion
added 2024/01/12 4:15 p.m.13 views

Design/Logic Flaw

The Real-Time Streaming Protocol implementation in the MIB3 infotainment incorrectly handles requests to /logs URI, when the id parameter equals to zero. This issue allows an attacker connected to the in-vehicle Wi-Fi network to cause denial-of-service of the infotainment system, when the certain...

1.8CVSS7.1AI score0.00231EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/12 4:4 p.m.19 views

CVE-2023-28898 Head Unit Denial-of-Service via Apple CarPlay service

The Real-Time Streaming Protocol implementation in the MIB3 infotainment incorrectly handles requests to /logs URI, when the id parameter equals to zero. This issue allows an attacker connected to the in-vehicle Wi-Fi network to cause denial-of-service of the infotainment system, when the certain...

5.3CVSS6.8AI score0.00231EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/12 4:4 p.m.33 views

CVE-2023-28898 Head Unit Denial-of-Service via Apple CarPlay service

The Real-Time Streaming Protocol implementation in the MIB3 infotainment incorrectly handles requests to /logs URI, when the id parameter equals to zero. This issue allows an attacker connected to the in-vehicle Wi-Fi network to cause denial-of-service of the infotainment system, when the certain...

5.3CVSS5.5AI score0.00231EPSS
Exploits0References1
CVE
CVE
added 2024/01/12 4:4 p.m.55 views

CVE-2023-28898

The CVE-2023-28898 issue involves the Real-Time Streaming Protocol (RTSP) in the MIB3 infotainment system of the Škoda Superb III (3V3) 2.0 TDI (2022). The RTSP implementation improperly handles requests to the /logs URI when the id parameter is zero, enabling a connected attacker on the in-vehic...

5.3CVSS5.2AI score0.00231EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/01/12 12:0 a.m.3 views

Skoda Security Breach

Skoda is a line of automobiles from Skoda. A security vulnerability exists in the Skoda Superb III 3V3 version 2.0 TDI that stems from the Real-Time Streaming Protocol not properly handling requests for the /logs URI, allowing an attacker to launch a denial-of-service DOS attack on the infotainme...

5.3CVSS6.7AI score0.00231EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/11 12:0 a.m.5 views

PT-2024-1092 · D Link · D-Link Dcs-8300Lhv2

Name of the Vulnerable Software and Affected Versions: D-Link DCS-8300LHV2 affected versions not specified Description: The issue is related to a buffer overflow in the RTSP server of D-Link DCS-8300LHV2 IP cameras, allowing remote attackers to execute arbitrary code on affected installations. Th...

8.8CVSS8.1AI score0.01315EPSS
Exploits0References8
CNNVD
CNNVD
added 2023/05/10 12:0 a.m.3 views

Tenda CP3 信任管理问题漏洞

Tenda CP3 is a smart camera from Tenda China. A security vulnerability exists in Tenda CP3 version V11.10.00.2211041355, which stems from the device containing a hardcoded default password for RTSP mentions...

9.8CVSS8.4AI score0.00659EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:9 a.m.3 views

SUSE CVE-2008-0225

Heap-based buffer overflow in the rmffdumpcont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute in an RTSP session, related to the rmffdumpheader function and related to disregarding the max field. NOTE...

6.4CVSS8.4AI score0.14969EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:1 a.m.5 views

SUSE CVE-2009-4248

Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and...

9.3CVSS8.2AI score0.06835EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:38 a.m.4 views

SUSE CVE-2021-38381

Live555 through 1.08 does not handle MPEG-1 or 2 files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash...

6.5CVSS6.9AI score0.0119EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2022/11/16 12:0 a.m.9 views

The vulnerability of the RTSP-based microprogramming software for IP cameras such as VPort P16-1MP-M12, VPort P16-1MP-M12-IR, and VPort P06-1MP-M12 allows a intruder to cause a service failure.

The vulnerability of the RTSP microprogramming software-based IP camera models VPort P16-1MP-M12, VPort P16-1MP-M12-IR, and VPort P06-1MP-M12 lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to cause a service failur...

7.8CVSS5.5AI score
Exploits0References2Affected Software3
OSV
OSV
added 2022/05/05 5:15 p.m.5 views

CVE-2022-28691

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, when a Real Time Streaming Protocol RTSP profile is configured on a virtual server, undisclosed traffic can cause an increase in Traffic...

7.5CVSS5.8AI score0.00868EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/05/05 12:0 a.m.28 views

F5 Networks BIG-IP : BIG-IP RTSP profile vulnerability (K37155600)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K37155600 advisory. - On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, 14.1...

7.5CVSS7.5AI score0.00868EPSS
Exploits0References2
OSV
OSV
added 2021/09/01 6:15 p.m.3 views

CVE-2021-40379

An issue was discovered on Compro IP70 2.087130218, IP570 2.087130520, IP60, and TN540 devices. rstp://.../medias2 does not require authorization...

7.5CVSS7.1AI score0.21631EPSS
Exploits3References2
OSV
OSV
added 2021/08/10 6:15 p.m.2 views

UBUNTU-CVE-2021-38382

Live555 through 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash...

6.5CVSS5.8AI score0.0119EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2021/02/16 4:50 p.m.199 views

Misconfigured Baby Cams Allow Unauthorized Viewing

A vulnerability affecting multiple baby monitors could allow someone to drop in and view a camera’s video stream, according to researchers. Potentially hundreds of thousands of live devices are impacted, they said. The issue exists in the manufacturers’ implementation of the Real-Time Streaming...

7AI score
Exploits0References6
CNNVD
CNNVD
added 2021/01/11 12:0 a.m.7 views

Live Networks Liblivemedia Buffer Error Vulnerability

Live Networks Liblivemedia is a C++ based codebase for RTP/RTCP, RTSP, SIP and other protocols from Live Networks, Inc. The library supports POSIX-compliant operating systems and can be used to transmit, receive and process MPEG, H.265, H.264, H.263+, DV or JPEG video and build basic RTSP or SIP...

9.8CVSS7.4AI score0.01612EPSS
Exploits1References3
CNVD
CNVD
added 2019/05/23 12:0 a.m.2 views

Huawei Leland-AL00A RTSP Module Denial of Service Vulnerability

Huawei Leland-AL00A is a smartphone from Huawei, China.RTSP module is one of the RTSP Real Time Streaming Protocol modules. A denial of service vulnerability exists in the RTSP module in Huawei Leland-AL00A prior to version 9.1.0.111 C00E111R2P10T8. An attacker can exploit this vulnerability by...

6.5CVSS6.6AI score0.0099EPSS
Exploits0References1
Rows per page
Query Builder