Lucene search
K

88 matches found

ATTACKERKB
ATTACKERKB
added 2017/11/06 12:0 a.m.19 views

Samsung SRN-1670D Web Viewer Version 1.0.0.193 Arbitrary File Read and Upload

Samsung NVR Recorder SRN-1670D is a high performance network video recorder. An arbitrary file upload vulnerability was found in the Web Viewer component, which could allow an authenticated user to upload a PHP payload to get code execution. Recent assessments: jvazquez-r7 at September 12, 2019...

8.8CVSS0.8AI score0.51379EPSS
Exploits7References4
Exploit DB
Exploit DB
added 2017/07/20 12:0 a.m.26 views

Virtual Postage (VPA) - Man In The Middle Remote Code Execution

Exploit Title: Virtual Postage VPA - Remote Code Execution via MITM Date: 20/Jul/17 Exploit Author: MaXe Vendor Homepage: https://play.google.com/store/apps/details?id=a2.virtualpostage.com http://archive.is/EdtJT Software Link: N/A Screenshot: N/A Version: 1.0 Tested on: Android 4.1.0 Google API...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/02/11 12:0 a.m.66 views

SonicDICOM PACS 2.3.2 - Cross-Site Scripting

SonicDICOM PACS 2.3.2 Multiple Stored Cross-Site Scripting Vulnerabilities Vendor: JIUN Corporation Product web page: https://www.sonicdicom.com Affected version: 2.3.2 and 2.3.1 Summary: SonicDICOM is PACS software that combines the capabilities of DICOM Server with web browser based DICOM Viewe...

7.4AI score
Exploits0
NVD
NVD
added 2016/01/15 3:59 a.m.16 views

CVE-2015-8281

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows attackers to bypass filesystem encryption via XOR calculations...

7.8CVSS7.6AI score0.03779EPSS
Exploits0References1
NVD
NVD
added 2016/01/15 3:59 a.m.21 views

CVE-2015-8280

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to discover credentials by reading detailed error messages...

7.5CVSS7.6AI score0.06016EPSS
Exploits0References1
NVD
NVD
added 2016/01/15 3:59 a.m.21 views

CVE-2015-8279

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an unspecified PHP script...

8.6CVSS8.6AI score0.51379EPSS
Exploits5References1
Prion
Prion
added 2016/01/15 3:59 a.m.12 views

Default credentials

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to discover credentials by reading detailed error messages...

5CVSS7.3AI score0.06016EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2016/01/15 3:59 a.m.13 views

Design/Logic Flaw

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows attackers to bypass filesystem encryption via XOR calculations...

7.8CVSS7.2AI score0.03779EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2016/01/15 3:59 a.m.14 views

Design/Logic Flaw

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an unspecified PHP script...

5CVSS7.3AI score0.51379EPSS
Exploits5References1Affected Software1
CVE
CVE
added 2016/01/15 2:0 a.m.51 views

CVE-2015-8281

CVE-2015-8281 affects Samsung SRN-1670D Web Viewer 1.0.0.193. The root cause is a weak, custom encryption scheme based on XOR operations, enabling a remote attacker to bypass filesystem encryption and access arbitrary files (unauthenticated, per the NVD CVSSv3/7.8 base). Connected sources also in...

7.8CVSS8AI score0.03779EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2016/01/15 2:0 a.m.21 views

CVE-2015-8281

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows attackers to bypass filesystem encryption via XOR calculations...

7.9AI score0.03779EPSS
Exploits0References1
Cvelist
Cvelist
added 2016/01/15 2:0 a.m.20 views

CVE-2015-8280

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to discover credentials by reading detailed error messages...

7.9AI score0.06016EPSS
Exploits0References1
Cvelist
Cvelist
added 2016/01/15 2:0 a.m.36 views

CVE-2015-8279

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an unspecified PHP script...

8.6AI score0.51379EPSS
Exploits5References1
CVE
CVE
added 2016/01/15 2:0 a.m.101 views

CVE-2015-8279

CVE-2015-8279 affects Samsung SRN-1670D Web Viewer 1.0.0.193, enabling remote arbitrary file read via an unspecified PHP script. Connected records link this to credential exposure through cslog_export.php?path=/root/php_modules/lighttpd/sbin/userpw, and to later modules describing chained access ...

8.6CVSS8.4AI score0.51379EPSS
Exploits5References1Affected Software1
CVE
CVE
added 2016/01/15 2:0 a.m.41 views

CVE-2015-8280

CVE-2015-8280 affects Samsung SRN-1670D Web Viewer 1.0.0.193. The issue is information disclosure: remote attackers can discover credentials by reading detailed error messages, per NVD entry. Other sources (CERT/CC) indicate no practical solution known and note the model is no longer supported; n...

7.5CVSS8.1AI score0.06016EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2015/01/23 12:0 a.m.22 views

Debian: Security Advisory (DSA-3137-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.5CVSS6.5AI score0.00956EPSS
Exploits0References3
NVD
NVD
added 2013/08/28 1:9 p.m.28 views

CVE-2013-3586

Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an arbitrary SessionID value in a cookie...

7.6CVSS7.1AI score0.11151EPSS
Exploits0References1
Prion
Prion
added 2013/08/28 1:9 p.m.14 views

Authentication flaw

Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an arbitrary SessionID value in a cookie...

7.6CVSS7.7AI score0.11151EPSS
Exploits0References1
Prion
Prion
added 2013/08/28 1:9 p.m.16 views

Information disclosure

Samsung Web Viewer for Samsung DVR devices stores credentials in cleartext, which allows context-dependent attackers to obtain sensitive information via vectors involving 1 direct access to a file or 2 the user-setup web page...

5CVSS6.6AI score0.2354EPSS
Exploits0References1
CERT
CERT
added 2013/08/21 12:0 a.m.975 views

Samsung Web Viewer for Samsung DVR allows authentication bypass and password disclosure

Overview Samsung Web Viewer for Samsung DVR contains multiple vulnerabilities including: Cleartext Storage in a File or on Disk CWE-313 and Authentication Bypass by Assumed-Immutable Data CWE-302. Description CWE-313: Cleartext Storage in a File or on Disk - CVE-2013-3585Web Viewer for Samsung DV...

7.6CVSS7.3AI score0.2354EPSS
Exploits0References3
Rows per page
Query Builder