17 matches found
EUVD-2017-12311
Malware in sbrugna...
EUVD-2017-12312
Malware in sbrugna...
The vulnerability of the microprogrammed surveillance camera software ACTi models series B, D, E, and I, due to lack of access control mechanisms, allows intruders to gain access to the device or cause malfunctions during maintenance.
The vulnerability of the microprogrammed surveillance camera software ACTi models series B, D, E, and I is related to access control deficiencies. Exploiting this vulnerability allows a malicious actor to alter the device’s settings by directly accessing the...
CVE-2017-3184
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC fail to properly restrict access to the factory reset page. An unauthenticated, remote attacker can exploit this vulnerability by directly accessing the...
CVE-2017-3186
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC use non-random default credentials across all devices. A remote attacker can take complete control of a device using default admin credentials...
CVE-2017-3185
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have a web application that uses the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through the browser's histor...
CVE-2017-3184
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC fail to properly restrict access to the factory reset page. An unauthenticated, remote attacker can exploit this vulnerability by directly accessing the...
CVE-2017-3185
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have a web application that uses the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through the browser's histor...
CVE-2017-3186
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC use non-random default credentials across all devices. A remote attacker can take complete control of a device using default admin credentials...
Default credentials
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC fail to properly restrict access to the factory reset page. An unauthenticated, remote attacker can exploit this vulnerability by directly accessing the...
Information disclosure
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have a web application that uses the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through the browser's histor...
CVE-2017-3185
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have a web application that uses the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through the browser's histor...
CVE-2017-3184
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC fail to properly restrict access to the factory reset page. An unauthenticated, remote attacker can exploit this vulnerability by directly accessing the...
CVE-2017-3185
ACTi ACTI D/B/I/E series cameras with firmware A1D-500-V6.11.31-AC expose user credentials and account names via GET requests in the web interface, allowing information disclosure through browser history, logs, and refs. Concrete affected components: web application GET handling that processes se...
CVE-2017-3186
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC use non-random default credentials across all devices. A remote attacker can take complete control of a device using default admin credentials...
Multiple ACTi Products Sensitive Information Disclosure Vulnerabilities
ACTi I Series, etc. is a series of network surveillance cameras from ACTi. A security vulnerability exists in several ACTi products. A remote attacker could exploit the vulnerabilities to submit a special request and obtain sensitive information...
Unauthorized Access Vulnerability in Multiple ACTi Products
ACTi I Series, etc. is a series of network surveillance cameras from ACTi. An unauthorized access vulnerability exists in multiple ACTi products due to a failure to properly restrict access to the Restore Factory Settings page. A remote attacker can exploit the vulnerability by submitting a speci...