180 matches found
CVE-2023-34105 SRS has command injection vulnerability in demonstration api-server for HTTP callback.
SRS is a real-time video server supporting RTMP, WebRTC, HLS, HTTP-FLV, SRT, MPEG-DASH, and GB28181. Prior to versions 5.0.157, 5.0-b1, and 6.0.48, SRS's api-server server is vulnerable to a drive-by command injection. An attacker may send a request to the /api/v1/snapshots endpoint containing an...
CVE-2023-34105
SRS (Simple Real-time Server) api-server is vulnerable to drive-by command injection on POST /api/v1/snapshots in versions prior to 5.0.157, 5.0-b1, and 6.0.48, potentially leading to Remote Code Execution (RCE). Connected advisories confirm a fix in 5.0.157, 5.0-b1, and 6.0.48. Mitigate by updat...
SRS 命令注入漏洞
SRS is a simple, efficient, real-time video server from SRS open source. SRS has a command injection vulnerability , the vulnerability stems from the api-server server has a command injection vulnerability...
PT-2023-3035 · Cisco · Cisco Telepresence Video Communication Server +1
Name of the Vulnerable Software and Affected Versions: Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS affected versions not specified Description: A vulnerability in the change password functionality could allow an authenticated, remote attacker with Read-only...
NVS365 安全漏洞
NVS365 is a network video server from NVS365. A security vulnerability exists in NVS365 version V01, which stems from a command execution that can be triggered by the background network test function...
NVS365 安全漏洞
NVS365 is a network video server from NVS365, Inc. A security vulnerability exists in NVS365 version V01 that stems from incorrect access control...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Nvs365 Nvs-365-V01_Firmware
NVS-365-Camera NVS-365-Camera NVS-365-Camera Two Vulnerab...
Cisco Expressway Series和Cisco TelePresence Video Communication Server 信任管理问题漏洞
Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...
CVE-2022-31582
The shaolo1/VideoServer repository through 2019-09-21 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31582
The shaolo1/VideoServer repository through 2019-09-21 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
Cisco Expressway Series 和 Cisco TelePresence Video Communication Server 路径遍历漏洞
Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...
CVE-2021-39183
Owncast is an open source, self-hosted live video streaming and chat server. In affected versions inline scripts are executed when Javascript is parsed via a paste action. This issue is patched in 0.0.9 by blocking unsafe-inline Content Security Policy and specifying the script-src. The worker-sr...
ZTE ZXV10 M910 code issue vulnerability
The ZTE ZXV10 M910 is a video conferencing HD video server from ZTE Corporation China.A security vulnerability exists in the ZTE ZXV10 M910, which can be exploited by attackers to execute arbitrary commands by sending deserialized payloads to port 5001...
ZTE ZXV10 M910 代码问题漏洞
The ZTE ZXV10 M910 is a video conferencing HD video server from ZTE Corporation China.A security vulnerability exists in the ZTE ZXV10 M910, which can be exploited by attackers to execute arbitrary commands by sending deserialized payloads to port 5001...
Weak Password Vulnerability in Network Video Server of Shenzhen Longchamp Xintron Technology Co. Ltd (CNVD-2021-54075)
Ltd. is a leading provider of intelligent inspection robots and intelligent infrared thermal imaging products and solutions in China. Ltd. Network Video Server has a weak password vulnerability that can be exploited by attackers to obtain sensitive information...
Weak Password Vulnerability in Network Video Server of Shenzhen Longchamp Xintron Technology Co.
Shenzhen Longchamp Xintron Technology Co., Ltd. is a leading intelligent service robot solution provider in China. Ltd. Network Video Server has a weak password vulnerability that can be exploited by attackers to obtain sensitive information...
Unauthorized Access Vulnerability in AXIS 241Q Video Server
Axis is an IT company that specializes in providing web video solutions. An unauthorized access vulnerability exists in AXIS 241Q Video Server, which can be exploited by attackers to obtain sensitive information...
Unauthorized Access Vulnerability in AXIS 241S Video Server
Axis is an IT company that specializes in providing web video solutions. An unauthorized access vulnerability exists in AXIS 241S Video Server, which can be exploited by attackers to obtain sensitive information...
Network Video Server Weak Password Vulnerability in Network Video Server
Network Video Server is a network video server. A weak password vulnerability exists in Network Video Server, which can be exploited by an attacker to obtain sensitive information...
ICSA-20-070-01_Siemens and PKE SiNVR/SiVMS Video Server (Update B)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendors: Siemens and PKE Equipment: SiNVR/SiVMS Video Server Vulnerabilities: Cleartext Storage in a File or on Disk, Path Traversal, Improper Input Validation, Weak Cryptography for Passwords 2. UPDATE...