18 matches found
PT-2026-24005
Name of the Vulnerable Software and Affected Versions Tiandy Video Surveillance System version 7.17.0 Description A security issue exists in Tiandy Video Surveillance System that allows for unrestricted file uploads. This is due to the manipulation of the fileName argument within the uploadFile...
Tiandy Video Surveillance System 代码问题漏洞
Tiandy Video Surveillance System is a video monitoring system developed by Tiandy Company in China. Version 7.17.0 of Tiandy Video Surveillance System has a code vulnerability. This vulnerability stems from incorrect handling of the parameter fileName in the file...
CVE-2026-2985 Tiandy Video Surveillance System 视频监控平台 CLSBODownLoad.java downloadImage server-side request forgery
A security flaw has been discovered in Tiandy Video Surveillance System 视频监控平台 7.17.0. This impacts the function downloadImage of the file /com/tiandy/easy7/core/bo/CLSBODownLoad.java. Performing a manipulation of the argument urlPath results in server-side request forgery. The attack is possible...
PT-2026-21514
A security flaw has been discovered in Tiandy Video Surveillance System 视频监控平台 7.17.0. This impacts the function downloadImage of the file /com/tiandy/easy7/core/bo/CLSBODownLoad.java. Performing a manipulation of the argument urlPath results in server-side request forgery. The attack is possible...
Tiandy Video Surveillance System 代码问题漏洞
Tiandy Video Surveillance System is a video monitoring system developed by Tiandy Company in China. Version 7.17.0 of Tiandy Video Surveillance System has a code vulnerability. This vulnerability stems from improper handling of the parameter urlPath in the...
EUVD-2009-5042
Malware in sbrugna...
CVE-2025-47782 motionEye vulnerable to RCE in add_camera Function Due to unsafe command execution
motionEye is an online interface for the software motion, a video surveillance program with motion detection. In versions 0.43.1b1 through 0.43.1b3, using a constructed camera device path with the add/addcamera motionEye web API allows an attacker with motionEye admin user credentials to execute...
C-MOR Video Surveillance 5.2401 / 6.00PL01 Command Injection
Advisory ID: SYSS-2024-030 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401, 6.00PL01 Tested Versions: 5.2401, 6.00PL01 Vulnerability Type: OS Command Injection CWE-78 Risk Level: High Solution Status: Open Manufacturer Notification: 2024-04-05 Solution...
CVE-2023-6308
A vulnerability, which was classified as critical, has been found in Xiamen Four-Faith Video Surveillance Management System 2016/2017. Affected by this issue is some unknown functionality of the component Apache Struts. The manipulation leads to unrestricted upload. The attack may be launched...
PT-2023-32608 · Apache +1 · Apache Struts +1
Name of the Vulnerable Software and Affected Versions: Xiamen Four-Faith Video Surveillance Management System versions 2016 through 2017 Description: A critical issue has been found in the Apache Struts component of the system, allowing for unrestricted upload. The attack can be launched remotely...
CVE-2023-3805
A vulnerability, which was classified as critical, has been found in Xiamen Four Letter Video Surveillance Management System up to 20230712. This issue affects some unknown processing in the library UserInfoAction.class of the component Login. The manipulation leads to improper authorization. The...
Unauthorized Access Vulnerability in Network Video Surveillance System of Tianmai Technology
Tianmai Technology is a national high-tech enterprise focusing on the field of intelligent public transportation. The company's main business is to provide comprehensive solutions for urban bus operation, management and service based on Telematics technology. There is an unauthorized access...
Weak Password Vulnerability in Tianmai Technology's Network Video Surveillance System
Tianmai Technology is a national high-tech enterprise focusing on the field of intelligent public transportation, the company's main business is to provide comprehensive solutions for urban bus operation, management and service based on Telematics technology. There is a weak password vulnerabilit...
Arbitrary File Read Vulnerability in AppVision's Video Surveillance System
Applusoft specializes in UHD, ultra-long focus, multi-spectral, thermal imaging products, technical services and overall customized solutions. AppVision's video surveillance system has an arbitrary file reading vulnerability, the vulnerability is due to its video surveillance backend does not do...
Cisco 'Knowingly' Sold Hackable Video Surveillance System to U.S. Government
Cisco Systems has agreed to pay $8.6 million to settle a lawsuit that accused the company of knowingly selling video surveillance system containing severe security vulnerabilities to the U.S. federal and state government agencies. It's believed to be the first payout on a 'False Claims Act' case...
Directory traversal
Directory traversal vulnerability in geohttpserver in Geovision Digital Video Surveillance System 8.2 allows remote attackers to read arbitrary files via a .. dot dot in a GET request...
CVE-2009-5087
CVE-2009-5087 refers to a directory traversal vulnerability in Geovision Digital Video Surveillance System 8.2, affecting the geohttpserver component. The issue allows remote attackers to read arbitrary files via a .. (dot-dot) in a GET request. The primary affected product is Geovision’s DVSS 8....
CVE-2005-1552
GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0, when set to create JPEG images, does not properly protect an image even when a password and username is assigned, which may allow remote attackers to gain sensitive information via a direct request to the image...