CVE-2021-44406

A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted HTTP request can lead to a reboot. GetAutoFocus param is not object. An attacker can send an HTTP request to trigger this vulnerability...

Design/Logic Flaw

An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. An attacker with physical access to the UART interface could access additional diagnostic and configuration functionalities as well as t...

CVE-2020-11625

CVE-2020-11625 affects AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. The issue arises from ISAPI/Security/sessionLogin/capabilities responses that reveal whether a submitted username exists: a valid username r...

CVE-2019-7315

CVE-2019-7315 affects Genie Access WIP3BVAF WISH IP 3MP IR Auto Focus Bullet Camera devices running 3.x. The connected Nuclei template documents a Local File Inclusion (LFI) vulnerability exposed via the web interface, enabling an attacker to read sensitive files (demonstrated with /etc/shadow). ...