30 matches found
CVE-2026-32315 motionEye: World-Readable Configuration File Exposes Admin Password Hash
motionEye mEye is an online interface for motion software, a video surveillance program with motion detection. Versions prior to 0.44.0 create the configuration file /etc/motioneye/motion.conf with 644 permissions -rw-r--r--, making it readable by any local user on the system. This file contains...
PT-2026-51431
Name of the Vulnerable Software and Affected Versions motionEye versions prior to 0.44.0 Description Configuration files /etc/motioneye/motion.conf and camera-.conf are created with 644 permissions, making them readable by any local user on the system. The motion.conf file contains sensitive data...
CVE-2025-13607
A malicious actor can access camera configuration information, including account credentials, without authenticating when accessing a vulnerable URL...
EUVD-2025-202452
A malicious actor can access camera configuration information, including account credentials, without authenticating when accessing a vulnerable URL...
CVE-2025-13607
A malicious actor can access camera configuration information, including account credentials, without authenticating when accessing a vulnerable URL...
CVE-2025-13607 D-Link CCTV camera model DCS-F5614-L1 Missing Authentication for Critical Function
A malicious actor can access camera configuration information, including account credentials, without authenticating when accessing a vulnerable URL...
CVE-2025-13607
CVE-2025-13607 affects D-Link CCTV camera model DCS-F5614-L1 and related entries, describing unauthenticated access to camera configuration data (including account credentials) via a vulnerable URL. Connected sources consistently state missing authentication as the root cause; several enrichments...
PT-2025-50362
Name of the Vulnerable Software and Affected Versions CCTV affected versions not specified Description A malicious actor can access camera configuration information, including account credentials, without authentication by accessing a vulnerable URL. This flaw potentially risks video feed hijack...
D-Link DCS-F5614-L1 安全漏洞
The D-Link DCS-F5614-L1 is a network camera from China Youxun D-Link. A security vulnerability exists in the D-Link DCS-F5614-L1 that originates from unauthenticated access to camera configuration information, including account credentials, when accessing a specific URL...
CVE-2025-64770
The affected products allow unauthenticated access to Open Network Video Interface Forum ONVIF services, which may allow an attacker unauthorized access to camera configuration information...
CVE-2025-62674
The affected product allows unauthenticated access to Real Time Streaming Protocol RTSP services, which may allow an attacker unauthorized access to camera configuration information...
EUVD-2025-198339
The affected product allows unauthenticated access to Real Time Streaming Protocol RTSP services, which may allow an attacker unauthorized access to camera configuration information...
EUVD-2025-198340
The affected products allow unauthenticated access to Open Network Video Interface Forum ONVIF services, which may allow an attacker unauthorized access to camera configuration information...
CVE-2025-64770
The affected products allow unauthenticated access to Open Network Video Interface Forum ONVIF services, which may allow an attacker unauthorized access to camera configuration information...
CVE-2025-62674
The affected product allows unauthenticated access to Real Time Streaming Protocol RTSP services, which may allow an attacker unauthorized access to camera configuration information...
CVE-2025-62674
The CVE-2025-62674 issue concerns iCam365 P201 and iCam365 QC021 network cameras. The vulnerability allows unauthenticated access to RTSP services, which may enable an attacker to retrieve camera configuration information. The information in the connected documents indicates this affects RTSP/ONV...
CVE-2025-62674 Missing Authentication for RTSP in iCam Cameras
The affected product allows unauthenticated access to Real Time Streaming Protocol RTSP services, which may allow an attacker unauthorized access to camera configuration information...
CVE-2025-62674 Missing Authentication for RTSP in iCam Cameras
The affected product allows unauthenticated access to Real Time Streaming Protocol RTSP services, which may allow an attacker unauthorized access to camera configuration information...
CVE-2025-64770 Missing Authentication for ONVIF in iCam Cameras
The affected products allow unauthenticated access to Open Network Video Interface Forum ONVIF services, which may allow an attacker unauthorized access to camera configuration information...
CVE-2025-64770
CVE-2025-64770 involves unauthenticated access to ONVIF services in affected iCam365 network cameras (e.g., iCam365 P201 and P201 QC021), potentially exposing camera configuration information. The Red Hat and EUVD entries mirror the same description. No concrete patch/version or remediation is sp...