Lucene search
K

30 matches found

OSV
OSV
added 2026/06/24 8:45 p.m.5 views

CVE-2026-32315 motionEye: World-Readable Configuration File Exposes Admin Password Hash

motionEye mEye is an online interface for motion software, a video surveillance program with motion detection. Versions prior to 0.44.0 create the configuration file /etc/motioneye/motion.conf with 644 permissions -rw-r--r--, making it readable by any local user on the system. This file contains...

5.5CVSS5.8AI score0.02902EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.20 views

PT-2026-51431

Name of the Vulnerable Software and Affected Versions motionEye versions prior to 0.44.0 Description Configuration files /etc/motioneye/motion.conf and camera-.conf are created with 644 permissions, making them readable by any local user on the system. The motion.conf file contains sensitive data...

5.5CVSS5.7AI score0.02902EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/12/11 5:53 p.m.5 views

CVE-2025-13607

A malicious actor can access camera configuration information, including account credentials, without authenticating when accessing a vulnerable URL...

9.4CVSS6.9AI score0.00778EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/10 6:30 p.m.7 views

EUVD-2025-202452

A malicious actor can access camera configuration information, including account credentials, without authenticating when accessing a vulnerable URL...

9.4CVSS6.4AI score0.00778EPSS
Exploits0References4
NVD
NVD
added 2025/12/10 6:16 p.m.14 views

CVE-2025-13607

A malicious actor can access camera configuration information, including account credentials, without authenticating when accessing a vulnerable URL...

9.4CVSS0.00778EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/10 5:15 p.m.44 views

CVE-2025-13607 D-Link CCTV camera model DCS-F5614-L1 Missing Authentication for Critical Function

A malicious actor can access camera configuration information, including account credentials, without authenticating when accessing a vulnerable URL...

9.4CVSS0.00778EPSS
Exploits0References3
CVE
CVE
added 2025/12/10 5:15 p.m.55 views

CVE-2025-13607

CVE-2025-13607 affects D-Link CCTV camera model DCS-F5614-L1 and related entries, describing unauthenticated access to camera configuration data (including account credentials) via a vulnerable URL. Connected sources consistently state missing authentication as the root cause; several enrichments...

9.4CVSS6.5AI score0.00778EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.10 views

PT-2025-50362

Name of the Vulnerable Software and Affected Versions CCTV affected versions not specified Description A malicious actor can access camera configuration information, including account credentials, without authentication by accessing a vulnerable URL. This flaw potentially risks video feed hijack...

9.4CVSS6.6AI score0.00778EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.16 views

D-Link DCS-F5614-L1 安全漏洞

The D-Link DCS-F5614-L1 is a network camera from China Youxun D-Link. A security vulnerability exists in the D-Link DCS-F5614-L1 that originates from unauthenticated access to camera configuration information, including account credentials, when accessing a specific URL...

9.4CVSS7.7AI score0.00778EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/11/26 4:56 p.m.7 views

CVE-2025-64770

The affected products allow unauthenticated access to Open Network Video Interface Forum ONVIF services, which may allow an attacker unauthorized access to camera configuration information...

7CVSS7AI score0.00158EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/26 4:56 p.m.8 views

CVE-2025-62674

The affected product allows unauthenticated access to Real Time Streaming Protocol RTSP services, which may allow an attacker unauthorized access to camera configuration information...

7CVSS7AI score0.00153EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/20 9:30 p.m.8 views

EUVD-2025-198339

The affected product allows unauthenticated access to Real Time Streaming Protocol RTSP services, which may allow an attacker unauthorized access to camera configuration information...

7CVSS6.4AI score0.00153EPSS
Exploits0References4
EUVD
EUVD
added 2025/11/20 9:30 p.m.5 views

EUVD-2025-198340

The affected products allow unauthenticated access to Open Network Video Interface Forum ONVIF services, which may allow an attacker unauthorized access to camera configuration information...

7CVSS6.4AI score0.00158EPSS
Exploits0References4
NVD
NVD
added 2025/11/20 9:16 p.m.5 views

CVE-2025-64770

The affected products allow unauthenticated access to Open Network Video Interface Forum ONVIF services, which may allow an attacker unauthorized access to camera configuration information...

7CVSS0.00158EPSS
Exploits0References3
NVD
NVD
added 2025/11/20 9:16 p.m.14 views

CVE-2025-62674

The affected product allows unauthenticated access to Real Time Streaming Protocol RTSP services, which may allow an attacker unauthorized access to camera configuration information...

7CVSS0.00153EPSS
Exploits0References3
CVE
CVE
added 2025/11/20 8:37 p.m.12 views

CVE-2025-62674

The CVE-2025-62674 issue concerns iCam365 P201 and iCam365 QC021 network cameras. The vulnerability allows unauthenticated access to RTSP services, which may enable an attacker to retrieve camera configuration information. The information in the connected documents indicates this affects RTSP/ONV...

7CVSS6.6AI score0.00153EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/11/20 8:37 p.m.19 views

CVE-2025-62674 Missing Authentication for RTSP in iCam Cameras

The affected product allows unauthenticated access to Real Time Streaming Protocol RTSP services, which may allow an attacker unauthorized access to camera configuration information...

7CVSS0.00153EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/20 8:37 p.m.10 views

CVE-2025-62674 Missing Authentication for RTSP in iCam Cameras

The affected product allows unauthenticated access to Real Time Streaming Protocol RTSP services, which may allow an attacker unauthorized access to camera configuration information...

7CVSS6.6AI score0.00153EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/11/20 8:25 p.m.11 views

CVE-2025-64770 Missing Authentication for ONVIF in iCam Cameras

The affected products allow unauthenticated access to Open Network Video Interface Forum ONVIF services, which may allow an attacker unauthorized access to camera configuration information...

7CVSS0.00158EPSS
Exploits0References3
CVE
CVE
added 2025/11/20 8:25 p.m.17 views

CVE-2025-64770

CVE-2025-64770 involves unauthenticated access to ONVIF services in affected iCam365 network cameras (e.g., iCam365 P201 and P201 QC021), potentially exposing camera configuration information. The Red Hat and EUVD entries mirror the same description. No concrete patch/version or remediation is sp...

7CVSS6.6AI score0.00158EPSS
Exploits0References3
Rows per page
Query Builder