Lucene search
+L

219 matches found

Hewlett-Packard
Hewlett-Packard
added 2019/02/14 12:0 a.m.17 views

HPSBHF03604 rev. 2 - Intel Xeon® Platform Firmware Included Unsecure Handling of Certain UEFI Variables

Potential Security Impact Escalation of Privilege, Denial of Service. Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY Insecure handling of UEFI variables in Intel® Xeon® Scalable processors, Intel® Xeon® Processor E5 v4 Family, Intel® Xeon® Processor E5...

2.1AI score
Exploits0
Prion
Prion
added 2019/01/10 8:29 p.m.10 views

Input validation

Improper setting of device configuration in system firmware for IntelR NUC kits may allow a privileged user to potentially enable escalation of privilege via physical access...

4.6CVSS6.4AI score0.00321EPSS
Exploits0References1
OSV
OSV
added 2018/12/28 5:29 p.m.7 views

CVE-2018-20575

Orange Livebox 00.96.320S devices have an undocumented /systemfirmwarel.stm URI for manual firmware update. This is related to Firmware 01.11.2017-11:43:44, Boot v0.70.03, Modem 5.4.1.10.1.1A, Hardware 02, and Arcadyan ARV7519RW22-A-L T VR9 1.2...

7.5CVSS5.8AI score0.0098EPSS
Exploits1References1
NVD
NVD
added 2018/11/07 6:29 p.m.20 views

CVE-2018-19068

An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for hidden factory credentials...

4.9CVSS5.3AI score0.01008EPSS
Exploits1References1
OSV
OSV
added 2018/11/07 6:29 p.m.5 views

CVE-2018-19068

An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for hidden factory credentials...

4.9CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2018/11/07 6:29 p.m.18 views

CVE-2018-19066

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported device configuration is encrypted with the hardcoded Pxift password in some cases...

7.5CVSS7.7AI score0.01582EPSS
Exploits1References1
Prion
Prion
added 2018/11/07 6:29 p.m.20 views

Design/Logic Flaw

An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for hidden factory credentials...

4CVSS5.3AI score0.01008EPSS
Exploits1References1Affected Software4
Prion
Prion
added 2018/11/07 6:29 p.m.18 views

Default credentials

An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The response to an ONVIF media GetStreamUri request contains the administrator username and password...

5CVSS9.3AI score0.01591EPSS
Exploits1References1Affected Software4
Prion
Prion
added 2018/11/07 6:29 p.m.16 views

Cross site scripting

An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetHostname method allows unauthenticated persistent XSS...

4.3CVSS6.4AI score0.00886EPSS
Exploits1References1Affected Software4
Prion
Prion
added 2018/11/07 6:29 p.m.16 views

Hardcoded credentials

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported device configuration is encrypted with the hardcoded BpP+2R9Q password in some case...

5CVSS7.7AI score0.01582EPSS
Exploits1References1Affected Software4
Prion
Prion
added 2018/11/07 6:29 p.m.16 views

Hardcoded credentials

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported device configuration is encrypted with the hardcoded Pxift password in some cases...

5CVSS7.7AI score0.01582EPSS
Exploits1References1Affected Software4
Prion
Prion
added 2018/11/07 6:29 p.m.22 views

Code injection

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for the root user with a password of...

10CVSS9.5AI score0.01995EPSS
Exploits1References1Affected Software4
Prion
Prion
added 2018/11/07 6:29 p.m.17 views

Design/Logic Flaw

An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. RtspServer allows remote attackers to cause a denial of service daemon hang or restart via a negative integer in the RTSP Content-Length header...

7.8CVSS7.5AI score0.02187EPSS
Exploits1References1Affected Software4
Prion
Prion
added 2018/11/07 6:29 p.m.18 views

Design/Logic Flaw

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. They allow attackers to execute arbitrary OS commands via shell metacharacters in the modelName,...

9CVSS7.4AI score0.01946EPSS
Exploits1References1Affected Software4
CVE
CVE
added 2018/11/07 6:0 p.m.51 views

CVE-2018-19074

The CVE-2018-19074 entry concerns Foscam C2 devices (System Firmware 1.11.1.8; App FW 2.72.1.32) and Opticam i5 devices (System FW 1.5.2.11; App FW 2.21.1.128). The underlying issue is that the firewall provides minimal protection: it blocks only port 443 and partially blocks port 88, leaving oth...

7.5CVSS7.6AI score0.01292EPSS
Exploits1References1Affected Software2
CVE
CVE
added 2018/11/07 6:0 p.m.52 views

CVE-2018-19077

CVE-2018-19077 affects Foscam Opticam i5 with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The vulnerability is in RtspServer, where a negative integer in the RTSP Content-Length header can be exploited remotely to cause a denial of service (daemon hang or restart). Connected doc...

7.8CVSS7.4AI score0.02187EPSS
Exploits1References1Affected Software2
CVE
CVE
added 2018/11/07 6:0 p.m.56 views

CVE-2018-19076

CVE-2018-19076 affects Foscam C2 devices (System Firmware 1.11.1.8, Application Firmware 2.72.1.32) and Opticam i5 devices (System Firmware 1.5.2.11, Application Firmware 2.21.1.128). The issue arises because FTP and RTSP services do not enforce failed-authentication limits, making brute-force au...

9.8CVSS9.5AI score0.01852EPSS
Exploits1References1Affected Software2
CVE
CVE
added 2018/11/07 6:0 p.m.54 views

CVE-2018-19068

The CVE-2018-19068 entry concerns Foscam Opticam i5 devices running System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The vulnerability is that the CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for hidden factory credentials, suggesting an unintended access path to hidden Te...

4.9CVSS5.3AI score0.01008EPSS
Exploits1References1Affected Software2
CVE
CVE
added 2018/11/07 6:0 p.m.47 views

CVE-2018-19079

Affected product : Foscam Opticam i5 (System Firmware 1.5.2.11, Application Firmware 2.21.1.128). Vulnerability : The ONVIF devicemgmt SystemReboot method allows unauthenticated reboot, enabling an attacker without credentials to reboot the device. Impact (as stated) : High availability impact on...

7.8CVSS7.6AI score0.01522EPSS
Exploits1References1Affected Software2
CVE
CVE
added 2018/11/07 6:0 p.m.54 views

CVE-2018-19063

The CVE-2018-19063 entry concerns Foscam C2 devices (System Firmware 1.11.1.8 and Application Firmware 2.72.1.32) and Opticam i5 devices (System Firmware 1.5.2.11 and Application Firmware 2.21.1.128) where the admin account has a blank password. The available connected records confirm affected mo...

10CVSS9.4AI score0.01995EPSS
Exploits1References1Affected Software2
Rows per page
Query Builder