Lucene search
K

180 matches found

Cvelist
Cvelist
added 2019/12/12 7:8 p.m.25 views

CVE-2019-18339

A vulnerability has been identified in SiNVR/SiVMS Video Server All versions V5.0.0. The HTTP service default port 5401/tcp of the SiVMS/SiNVR Video Server contains an authentication bypass vulnerability, even when properly configured with enforced authentication. A remote attacker with network...

9.8CVSS9.3AI score0.02652EPSS
Exploits0References1
CVE
CVE
added 2019/12/12 7:8 p.m.57 views

CVE-2019-18339

CVE-2019-18339 affects SiNVR/SiVMS Video Server before version 5.0.0. The HTTP service on port 5401/tcp exposes an authentication bypass vulnerability, allowing a remote attacker with network access to read the user database (passwords in obfuscated cleartext). Red Hat and NVD entries confirm the...

9.8CVSS9.1AI score0.02652EPSS
Exploits0References1Affected Software2
Positive Technologies
Positive Technologies
added 2019/12/12 12:0 a.m.5 views

PT-2019-15359 · Siemens · Control Center Server +1

Name of the Vulnerable Software and Affected Versions: Control Center Server CCS versions prior to V1.5.0 SiNVR/SiVMS Video Server versions prior to V5.0.0 Description: A vulnerability has been identified where the SiVMS/SiNVR Video Server and the Control Center Server CCS store user and device...

5.5CVSS5.3AI score0.0025EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2019/12/12 12:0 a.m.6 views

PT-2019-15357 · Sinvr · Sinvr 3 Central Control Server +2

Name of the Vulnerable Software and Affected Versions: Control Center Server CCS versions prior to V1.5.0 SiNVR 3 Central Control Server CCS all versions SiNVR 3 Video Server all versions Description: A directory traversal vulnerability has been identified in the XML-based communication protocol ...

7.7CVSS7.4AI score0.02647EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2019/12/12 12:0 a.m.4 views

PT-2019-15358 · Siemens · Sinvr/Sivms Video Server

Name of the Vulnerable Software and Affected Versions: SiNVR/SiVMS Video Server versions prior to V5.0.0 Description: A vulnerability has been identified in the HTTP service of the SiVMS/SiNVR Video Server, which contains an authentication bypass issue. This allows a remote attacker with network...

9.8CVSS9.4AI score0.02652EPSS
Exploits0References2
CNVD
CNVD
added 2019/12/11 12:0 a.m.4 views

Siemens SiNVR 3 Video Server Authentication Bypass Vulnerability

SiNVR is the Siemens OEM version of SiVMS, a video management solution acquired by PKE Deutsch land gmmbH and formerly distributed by Schille Informationssysteme gmmbH. An authentication bypass vulnerability exists in the HTTP service default port 5401/tcp of the Siemens SiNVR 3 Video Server. A...

9.8CVSS7AI score0.02652EPSS
Exploits0References1
ICS
ICS
added 2019/12/10 12:0 a.m.57 views

Siemens and PKE SiNVR, SiVMS Video Server (Update A)

1. EXECUTIVE SUMMARY --------- Begin Update A Part 1 of 6 --------- CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendors: Siemens and PKE Equipment: SiNVR, SiVMS Video Servers Vulnerabilities: Missing Authentication for Critical Function, Weak Cryptography for Passwords...

9.9CVSS7.6AI score0.02652EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2019/06/18 12:0 a.m.8 views

The vulnerability of Pelco Endura video server microprogramming software, related to access control errors, allows intruders to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of Pelco Endura video server microprogramming software is related to access control errors. Exploiting this vulnerability could allow an attacker, operating remotely, to compromise the confidentiality, integrity, and accessibility of protected information by using specially...

10CVSS5.5AI score0.3665EPSS
Exploits4References3Affected Software7
OSV
OSV
added 2018/10/05 2:29 p.m.2 views

CVE-2018-15430

A vulnerability in the administrative web interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to execute code with user-level privileges on the underlying operating system. The vulnerability is due to insufficien...

7.2CVSS6AI score0.02874EPSS
Exploits0References2
Hacker One
Hacker One
added 2018/03/26 6:17 p.m.28 views

Ubiquiti Inc.: UniFi Video Server web interface admin user Firmware Update path traversal leading to local system compromise

The UniFi Video Server for Windows web interface Firmware Update functionality, under certain circumstances, does not validate firmware download destinations to ensure they are within the intended destination directory tree. It accepts a request with a URL to firmware update information. If the...

5.2CVSS1.2AI score0.00748EPSS
Exploits0
Hacker One
Hacker One
added 2018/03/25 6:13 p.m.57 views

Ubiquiti Inc.: UniFi Video Server web interface Configuration Restore path traversal leading to local system compromise

In UniFi Video Controller 3.9.3 and prior, an user with administrator privileges can restore the configuration using a specially crafted zip file. Due to the lack of validation for path transversal, the user can upload arbitrary files to arbitrary locations...

4.3AI score
Exploits0
Hacker One
Hacker One
added 2018/03/25 4:44 p.m.32 views

Ubiquiti Inc.: UniFi Video Server web interface Configuration Restore CSRF leading to full application compromise

In UniFi Video 3.10.0, due to the lack of CSRF protection, it is possible to abuse the Web API to make changes on the server configuration without the user consent, requiring the attacker to lure an authenticated user to access on attacker controlled page...

6.8CVSS3AI score0.00709EPSS
Exploits0
Packet Storm
Packet Storm
added 2018/02/07 12:0 a.m.55 views

Geovision Inc. IP Camera / Video Server Remote Command Execution

!/usr/bin/env python2.7 SOF Geovision Inc. IP Camera & Video Server Remote Command Execution PoC Researcher: bashis November 2017 1. Pop stunnel TLSv1 reverse root shell Local listener: 'ncat -vlp --ssl'; Verified w/ v7.60 2. Dump all settings of remote IPC with Login/Passwd in cleartext Using: -...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/02/07 12:0 a.m.59 views

Geovision Inc. IP Camera & Video - Remote Command Execution Exploit

Exploit for hardware platform in category remote exploits !/usr/bin/env python2.7 SOF Geovision Inc. IP Camera & Video Server Remote Command Execution PoC Researcher: bashis November 2017 1. Pop stunnel TLSv1 reverse root shell Local listener: 'ncat -vlp --ssl'; Verified w/ v7.60 2. Dump all...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2018/02/01 12:0 a.m.50 views

Geovision Inc. IP Camera Video - Remote Command Execution

Geovision Inc. IP Camera Video - Remote Command Execution !/usr/bin/env python2.7 SOF Geovision Inc. IP Camera & Video Server Remote Command Execution PoC Researcher: bashis November 2017 1. Pop stunnel TLSv1 reverse root shell Local listener: 'ncat -vlp --ssl'; Verified w/ v7.60 2. Dump all...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/01 12:0 a.m.52 views

Geovision Inc. IP Camera & Video - Remote Command Execution

!/usr/bin/env python2.7 SOF Geovision Inc. IP Camera & Video Server Remote Command Execution PoC Researcher: bashis November 2017 1. Pop stunnel TLSv1 reverse root shell Local listener: 'ncat -vlp --ssl'; Verified w/ v7.60 2. Dump all settings of remote IPC with Login/Passwd in cleartext Using: -...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2017/04/20 12:0 a.m.15 views

Axis Devices Detection (FTP)

FTP based detection of Axis devices. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it...

6.9AI score
Exploits0
OSV
OSV
added 2016/07/07 2:59 p.m.4 views

CVE-2016-1444

The Mobile and Remote Access MRA component in Cisco TelePresence Video Communication Server VCS X8.1 through X8.7 and Expressway X8.1 through X8.6 mishandles certificates, which allows remote attackers to bypass authentication via an arbitrary trusted certificate, aka Bug ID CSCuz64601...

6.5CVSS7.5AI score0.01202EPSS
Exploits0References3
seebug.org
seebug.org
added 2016/05/25 12:0 a.m.19 views

AXIS 2400+ Blade Video Server /view/view.shtml 越权访问漏洞

No description provided by source...

7.1AI score
Exploits0
Hacker One
Hacker One
added 2016/04/10 6:15 p.m.14 views

Ubiquiti Inc.: UniFi Video Server - Broken access control on system configuration

In UniFi Video Server prior to 3.7.0, an attacker with user permissions can download the Backup and Support files...

3.2AI score
Exploits0
Rows per page
Query Builder