CVE-2025-66049 Unprotected RTSP stream in Vivotek IP7137 cameras

Vivotek IP7137 camera with firmware version 0200a is vulnerable to an information disclosure issue where live camera footage can be accessed through the RTSP protocol on port 8554 without requiring authentication. This allows unauthorized users with network access to view the camera's feed,...

PT-2026-1181

Name of the Vulnerable Software and Affected Versions Petlibro Smart Pet Feeder Platform versions up to 1.7.31 Description The Petlibro Smart Pet Feeder Platform is affected by an improper access control issue. The platform allows unauthorized device manipulation by accepting arbitrary serial...

LSC Smart Connect Indoor IP Camera 安全漏洞

LSC Smart Connect Indoor IP Camera is an indoor IP camera driver from LSC Smart Connect. A security vulnerability exists in LSC Smart Connect Indoor IP Camera version V7.6.32, which stems from an information disclosure issue that allows unauthorized users with network access to view the camera's...

Robot vacuum cleaners hacked to spy on, insult owners

Multiple robot vacuum cleaners in the US were hacked to yell obscenities and insults through the onboard speakers. ABC news was able to confirm reports of this hack in robot vacuum cleaners of the type Ecovacs Deebot X2, which are manufactured in China. Ecovacs is considered the leading service...

CVE-2024-42531

Ezviz Internet PT Camera CS-CV246 D15655150 allows an unauthenticated host to access its live video stream by crafting a set of RTSP packets with a specific set of URLs that can be used to redirect the camera feed. NOTE: the vendor's perspective is that the Anonymous120386 sample code can establi...

CVE-2024-42531

Ezviz CS-CV246 (D15655150) IP camera vulnerability CVE-2024-42531 allows an unauthenticated host to access the live video stream by crafting RTSP requests/URIs to redirect the feed. Root cause: improper handling of RTSP packet sequences enabling feed redirection. Affected versions include V5.3 (b...

CVE-2023-40040

An issue was discovered in the MyCrops HiGrade "THC Testing & Cannabi" application 1.0.337 for Android. A remote attacker can start the camera feed via the com.cordovaplugincamerapreview.CameraActivity component in some situations. NOTE: this is only exploitable on Android versions that lack...

CVE-2023-40040

An issue was discovered in the MyCrops HiGrade "THC Testing & Cannabi" application 1.0.337 for Android. A remote attacker can start the camera feed via the com.cordovaplugincamerapreview.CameraActivity component in some situations. NOTE: this is only exploitable on Android versions that lack...

Code injection

An issue was discovered in the MyCrops HiGrade "THC Testing & Cannabi" application 1.0.337 for Android. A remote attacker can start the camera feed via the com.cordovaplugincamerapreview.CameraActivity component in some situations. NOTE: this is only exploitable on Android versions that lack...

CVE-2023-40040

An issue was discovered in the MyCrops HiGrade "THC Testing & Cannabi" application 1.0.337 for Android. A remote attacker can start the camera feed via the com.cordovaplugincamerapreview.CameraActivity component in some situations. NOTE: this is only exploitable on Android versions that lack...

CVE-2023-40040

The CVE-2023-40040 entry affects MyCrops HiGrade “THC Testing & Cannabi” app 1.0.337 for Android. A remote attacker can start the camera feed via the com.cordovaplugincamerapreview.CameraActivity component in scenarios where Android lacks runtime permission checks, specifically on Android SDK 5.1...

CVE-2023-40040

An issue was discovered in the MyCrops HiGrade "THC Testing & Cannabi" application 1.0.337 for Android. A remote attacker can start the camera feed via the com.cordovaplugincamerapreview.CameraActivity component in some situations. NOTE: this is only exploitable on Android versions that lack...

HangZhou XiongMai Technologies Net Surveillance 'DVR.html' Authentication Bypass Vulnerability

The remote installation of HangZhou XiongMai Technologies Net Surveillance is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Amazon Key Weakness Vulnerability

Amazon Key is a smart lock service from Amazon USA. A security vulnerability exists in Amazon Key 2017-11-16 and earlier versions. An attacker could use the vulnerability to freeze the camera feed...

FTC: D-Link Failed to Secure Routers, IP Cameras

The Federal Trade Commission acknowledged on Thursday that it takes the security of the so-called internet of things seriously when it leveraged a complaint against one of the more popular router manufacturers. The lawsuit, filed at the U.S. District Court for the Northern District of California,...