Lucene search
+L

219 matches found

CVE
CVE
added 2018/11/07 6:0 p.m.48 views

CVE-2018-19073

The CVE-2018-19073 entry describes arbitrary OS command execution on Foscam C2 (System 1.11.1.8; App 2.72.1.32) and Opticam i5 (System 1.5.2.11; App 2.21.1.128) devices. Vulnerability arises from allowing shell metacharacters in the modelName by exploiting write access to /mnt/mtd/app/config/Prod...

9CVSS7.5AI score0.01946EPSS
Exploits1References1Affected Software2
CVE
CVE
added 2018/11/07 6:0 p.m.47 views

CVE-2018-19079

Affected product : Foscam Opticam i5 (System Firmware 1.5.2.11, Application Firmware 2.21.1.128). Vulnerability : The ONVIF devicemgmt SystemReboot method allows unauthenticated reboot, enabling an attacker without credentials to reboot the device. Impact (as stated) : High availability impact on...

7.8CVSS7.6AI score0.01522EPSS
Exploits1References1Affected Software2
CVE
CVE
added 2018/11/07 6:0 p.m.54 views

CVE-2018-19063

The CVE-2018-19063 entry concerns Foscam C2 devices (System Firmware 1.11.1.8 and Application Firmware 2.72.1.32) and Opticam i5 devices (System Firmware 1.5.2.11 and Application Firmware 2.21.1.128) where the admin account has a blank password. The available connected records confirm affected mo...

10CVSS9.4AI score0.01995EPSS
Exploits1References1Affected Software2
CVE
CVE
added 2018/11/07 6:0 p.m.56 views

CVE-2018-19082

Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128 expose a stack-based buffer overflow in ONVIF devicemgmt SetDNS when handling the IPv4Address field. The vulnerability is exploitable remotely over the network (no authentication) and can impact confidenti...

9.8CVSS9.6AI score0.02318EPSS
Exploits1References1Affected Software2
CVE
CVE
added 2018/11/07 6:0 p.m.80 views

CVE-2018-19081

Vulnerability summary (CVE-2018-19081) : Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128 allow remote command execution via the ONVIF devicemgmt SetDNS method, using the IPv4Address field. This is documented as an arbitrary OS command execution vulnerab...

10CVSS9.8AI score0.04969EPSS
Exploits1References1Affected Software2
Cvelist
Cvelist
added 2018/11/07 6:0 p.m.22 views

CVE-2018-19070

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. They allow remote attackers to execute arbitrary OS commands via shell metacharacters in the...

7.5AI score0.04437EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/11/07 6:0 p.m.25 views

CVE-2018-19068

An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for hidden factory credentials...

5.3AI score0.01008EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/11/07 6:0 p.m.18 views

CVE-2018-19078

An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The response to an ONVIF media GetStreamUri request contains the administrator username and password...

9.5AI score0.01591EPSS
Exploits1References1
Lenovo
Lenovo
added 2018/07/17 2:6 p.m.699 views

System firmware Can Be Erased or Corrupted After Boot - US

Lenovo Security Advisory: LEN-16445 Potential Impact: An attacker could manipulate the vulnerability to prevent a system from booting, to cause it to operate in an unusual way, or execute arbitrary code during the system boot sequence. Severity: High Scope of Impact: Industry-wide CVE Identifier:...

3.6CVSS6.5AI score0.00355EPSS
Exploits0
Kitploit
Kitploit
added 2018/06/22 10:33 p.m.24 views

CHIPSEC - Platform Security Assessment Framework

CHIPSEC is a framework for analyzing the security of PC platforms including hardware, system firmware BIOS/UEFI, and platform components. It includes a security test suite, tools for accessing various low level interfaces, and forensic capabilities. It can be run on Windows, Linux, Mac OS X and...

7.7AI score
Exploits0References3
NVD
NVD
added 2018/05/10 10:29 p.m.13 views

CVE-2018-3612

Intel NUC kits with insufficient input validation in system firmware, potentially allows a local attacker to elevate privileges to System Management Mode SMM...

7.8CVSS7.5AI score0.00322EPSS
Exploits0References1
CVE
CVE
added 2017/10/11 12:0 a.m.74 views

CVE-2017-5722

CVE-2017-5722 corresponds to an Intel NUC BIOS/system firmware issue: incorrect policy enforcement allows local or physical attackers to bypass integrity protections by manipulating firmware storage on NUC7i3/5/7 BN0049 and below. The vulnerability is discussed alongside related BIOS security iss...

7.5CVSS7.3AI score0.00348EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/10/11 12:0 a.m.25 views

CVE-2017-5721

Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via manipulation of memory...

7.8AI score0.00865EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/10/11 12:0 a.m.19 views

CVE-2017-5701

Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary code via unauthorized firmware modification during BIOS Recovery...

6.9AI score0.00328EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/10/11 12:0 a.m.20 views

CVE-2017-5700

Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to bypass Administrator and User passwords via access to password storage...

8.3AI score0.00381EPSS
Exploits0References2
CVE
CVE
added 2017/10/11 12:0 a.m.46 views

CVE-2017-5721

CVE-2017-5721 is the Intel NUC system firmware SMM Privilege Elevation vulnerability described in the Intel advisory INTEL-SA-00084. The issue stems from insufficient input validation in the system firmware that can allow a local attacker to execute arbitrary code by manipulating memory. Affected...

7.5CVSS7.7AI score0.00865EPSS
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2017/09/15 12:0 a.m.110 views

Foscam IP Video Camera CGIProxy.fcgi SMTP Test Host Parameter Configuration Command Injection Vulnerability(CVE-2017-2841)

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting...

6.5CVSS9.6AI score0.06052EPSS
Exploits1
NVD
NVD
added 2017/07/26 3:29 p.m.15 views

CVE-2017-5691

Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via incorrect early system state...

9.3CVSS9.1AI score0.01439EPSS
Exploits0References3
Prion
Prion
added 2017/07/26 3:29 p.m.18 views

Design/Logic Flaw

Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via incorrect early system state...

9.3CVSS9AI score0.01439EPSS
Exploits0References3
CVE
CVE
added 2017/07/26 3:0 p.m.69 views

CVE-2017-5691

CVE-2017-5691 covers an incorrect check in Intel processors (6th/7th Gen Core, Xeon E3-1500M v5/v6, E3-1200 v5/v6) that can allow a compromised system firmware to impact Intel SGX via an incorrect early system state. Public sources identify the affected hardware and provide remediation guidance. ...

9.3CVSS9AI score0.01439EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder