CVE-2024-54011

Penetration Testing engineers at Amazon have discovered a flaw where the camera system fails to properly handle data supplied in certain requests, causing a service disruption. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and...

EUVD-2023-58371

Malicious code in bioql PyPI...

Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year

An unpatched security flaw impacting the Edimax IC-7100 network camera is being exploited by threat actors to deliver Mirat botnet malware variants since at least May 2024. The vulnerability in question is CVE-2025-1316 CVSS v4 score: 9.3, a critical operating system command injection flaw that a...

The vulnerability of the Ezviz Internet PT camera’s microprogramming software allows a intruder to gain unauthorized access to the real-time video stream.

The vulnerability of Ezviz Internet PT Camera’s microprogramming software lies in the ability to gain remote access to real-time video streams by creating RTSP packets with specific URL addresses. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to real-time vide...

CVE-2023-5038 Unauthenticated DoS

badmonkey, a Security Researcher has found a flaw that allows for a unauthenticated DoS attack on the camera. An attacker runs a crafted URL, nobody can access the web management page of the camera. and must manually restart the device or re-power it. The manufacturer has released patch firmware...

A week in security (March 26 – April 01)

Last week, we looked at the thought process behind creating a ransomware decryptor, the inner workings of QuantLoader, the ways one can protect their Android devices, the exploit kits we have encountered this winter, the now-known epidemic of data breaches, the coming of TLS 1.3, and the ways one...