3 matches found
CVE-2025-34066
An improper certificate validation vulnerability exists in AVTECH IP cameras, DVRs, and NVRs due to the use of wget with --no-check-certificate in scripts like SyncCloudAccount.sh and SyncPermit.sh. This exposes HTTPS communications to man-in-the-middle MITM attacks...
CVE-2025-34052
Rejected reason: An unauthenticated endpoint that exposes firmware version, MAC address, and supported codecs is not indicative of a security boundary being crossed, as this metadata is not inherently sensitive and commonly used for legitimate fingerprinting and discovery...
PT-2025-27545 · Avtech +1 · Avtech Ip Cameras +3
Name of the Vulnerable Software and Affected Versions: AVTECH IP cameras, DVRs, and NVRs affected versions not specified Description: An improper certificate validation issue exists due to the use of wget with --no-check-certificate in scripts like SyncCloudAccount.sh and SyncPermit.sh. This...