67 matches found
BEWARD N100 H.264 VGA IP Camera M2.1.6 - Arbitrary File Disclosure
Beward N100 H.264 VGA IP Camera M2.1.6 contains an authenticated file disclosure vulnerability caused by improper validation of the 'READ.filePath' parameter in fileread script and SendCGICMD API, letting authenticated attackers read arbitrary system files. id: CVE-2019-25246 info: name: BEWARD...
CVE-2019-25248
Beward N100 M2.1.6.04C014 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly retrieve the camera's RTSP stream by exploiting the lack of authentication in the video access mechanism...
CVE-2019-25247
Beward N100 H.264 VGA IP Camera M2.1.6 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft a malicious web page with a hidden form to add an admin user by tricking a logged-in user into...
CVE-2019-25246
Beward N100 H.264 VGA IP Camera M2.1.6 contains an authenticated file disclosure vulnerability that allows attackers to read arbitrary system files via the 'READ.filePath' parameter. Attackers can exploit the fileread script or SendCGICMD API to access sensitive files like /etc/passwd and...
CVE-2018-25130
Beward Intercom 2.3.1 contains a credentials disclosure vulnerability that allows local attackers to access plain-text authentication credentials stored in an unencrypted database file. Attackers can read the BEWARD.INTERCOM.FDB file to extract usernames and passwords, enabling unauthorized acces...
CVE-2019-25248 Beward N100 M2.1.6 Unauthenticated RTSP Video Stream Disclosure
Beward N100 M2.1.6.04C014 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly retrieve the camera's RTSP stream by exploiting the lack of authentication in the video access mechanism...
CVE-2019-25248 Beward N100 M2.1.6 Unauthenticated RTSP Video Stream Disclosure
Beward N100 M2.1.6.04C014 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly retrieve the camera's RTSP stream by exploiting the lack of authentication in the video access mechanism...
CVE-2019-25248
Beward N100 M2.1.6.04C014 is affected by an unauthenticated remote access vulnerability that lets an attacker retrieve the camera’s RTSP live stream without credentials. The issue is caused by lack of authentication in the video access mechanism, enabling direct RTSP stream access over the networ...
CVE-2019-25247
The CVE-2019-25247 entry applies to the Beward N100 H.264 VGA IP Camera (M2.1.6). The vulnerability is a cross-site request forgery (CSRF) that lets an attacker trigger administrative actions by deceiving a logged-in user with a malicious page (hidden form to add an admin). Root cause: lack of pr...
CVE-2019-25246
CVE-2019-25246 affects Beward N100 H.264 VGA IP Camera version M2.1.6. The issue is an authenticated file disclosure via the READ.filePath parameter, enabling access to arbitrary system files (e.g., /etc/passwd, /etc/issue) through the fileread script or SendCGICMD API. The vulnerability is explo...
CVE-2019-25247 Beward N100 H.264 VGA IP Camera M2.1.6 CSRF Add Admin Vulnerability
Beward N100 H.264 VGA IP Camera M2.1.6 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft a malicious web page with a hidden form to add an admin user by tricking a logged-in user into...
CVE-2019-25246 Beward N100 H.264 VGA IP Camera M2.1.6 Authenticated File Disclosure
Beward N100 H.264 VGA IP Camera M2.1.6 contains an authenticated file disclosure vulnerability that allows attackers to read arbitrary system files via the 'READ.filePath' parameter. Attackers can exploit the fileread script or SendCGICMD API to access sensitive files like /etc/passwd and...
CVE-2019-25246 Beward N100 H.264 VGA IP Camera M2.1.6 Authenticated File Disclosure
Beward N100 H.264 VGA IP Camera M2.1.6 contains an authenticated file disclosure vulnerability that allows attackers to read arbitrary system files via the 'READ.filePath' parameter. Attackers can exploit the fileread script or SendCGICMD API to access sensitive files like /etc/passwd and...
CVE-2019-25247 Beward N100 H.264 VGA IP Camera M2.1.6 CSRF Add Admin Vulnerability
Beward N100 H.264 VGA IP Camera M2.1.6 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft a malicious web page with a hidden form to add an admin user by tricking a logged-in user into...
CVE-2018-25130
Beward Intercom 2.3.1 contains a local credential-disclosure vulnerability: usernames and passwords stored in plaintext in BEWARD.INTERCOM.FDB can be read by a local attacker, enabling unauthorized access to IP cameras and door stations. Root cause: credentials stored in an unencrypted database f...
CVE-2018-25130 Beward Intercom 2.3.1 Local Credentials Disclosure via Unencrypted Database
Beward Intercom 2.3.1 contains a credentials disclosure vulnerability that allows local attackers to access plain-text authentication credentials stored in an unencrypted database file. Attackers can read the BEWARD.INTERCOM.FDB file to extract usernames and passwords, enabling unauthorized acces...
CVE-2018-25130 Beward Intercom 2.3.1 Local Credentials Disclosure via Unencrypted Database
Beward Intercom 2.3.1 contains a credentials disclosure vulnerability that allows local attackers to access plain-text authentication credentials stored in an unencrypted database file. Attackers can read the BEWARD.INTERCOM.FDB file to extract usernames and passwords, enabling unauthorized acces...
PT-2025-53333
Name of the Vulnerable Software and Affected Versions Beward N100 H.264 VGA IP Camera version M2.1.6 Description The Beward N100 H.264 VGA IP Camera version M2.1.6 contains a cross-site request forgery issue. This allows attackers to perform administrative actions without proper validation of...
Beward Intercom 安全漏洞
Beward Intercom is an IP video intercom system from the Russian company Beward. A security vulnerability exists in Beward Intercom version 2.3.1, which stems from credentials being stored in plaintext in an unencrypted file, which could lead to credential disclosure...
PT-2025-53334
Name of the Vulnerable Software and Affected Versions Beward N100 version M2.1.6.04C014 Description The Beward N100 camera system has a flaw that permits unauthenticated remote access to live video streams. An attacker can obtain the camera’s RTSP stream directly due to missing authentication in...