7619 matches found
CVE-2019-25246
Beward N100 H.264 VGA IP Camera M2.1.6 contains an authenticated file disclosure vulnerability that allows attackers to read arbitrary system files via the 'READ.filePath' parameter. Attackers can exploit the fileread script or SendCGICMD API to access sensitive files like /etc/passwd and...
CVE-2019-25247
Beward N100 H.264 VGA IP Camera M2.1.6 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft a malicious web page with a hidden form to add an admin user by tricking a logged-in user into...
CVE-2018-25138
FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be changed through normal camera operations. Attackers can exploit these persistent credentials to gain unauthorized shell access and login to multiple camera interfaces using predefined username and...
CVE-2018-25139
FLIR AX8 Thermal Camera 1.32.16 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly connect to the RTSP stream using tools like VLC or FFmpeg to view and record thermal camera footage...
CVE-2018-25138
FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be changed through normal camera operations. Attackers can exploit these persistent credentials to gain unauthorized shell access and login to multiple camera interfaces using predefined username and...
CVE-2019-25247 Beward N100 H.264 VGA IP Camera M2.1.6 CSRF Add Admin Vulnerability
Beward N100 H.264 VGA IP Camera M2.1.6 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft a malicious web page with a hidden form to add an admin user by tricking a logged-in user into...
CVE-2019-25247 Beward N100 H.264 VGA IP Camera M2.1.6 CSRF Add Admin Vulnerability
Beward N100 H.264 VGA IP Camera M2.1.6 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft a malicious web page with a hidden form to add an admin user by tricking a logged-in user into...
CVE-2019-25246 Beward N100 H.264 VGA IP Camera M2.1.6 Authenticated File Disclosure
Beward N100 H.264 VGA IP Camera M2.1.6 contains an authenticated file disclosure vulnerability that allows attackers to read arbitrary system files via the 'READ.filePath' parameter. Attackers can exploit the fileread script or SendCGICMD API to access sensitive files like /etc/passwd and...
CVE-2019-25247
The CVE-2019-25247 entry applies to the Beward N100 H.264 VGA IP Camera (M2.1.6). The vulnerability is a cross-site request forgery (CSRF) that lets an attacker trigger administrative actions by deceiving a logged-in user with a malicious page (hidden form to add an admin). Root cause: lack of pr...
CVE-2019-25246
CVE-2019-25246 affects Beward N100 H.264 VGA IP Camera version M2.1.6. The issue is an authenticated file disclosure via the READ.filePath parameter, enabling access to arbitrary system files (e.g., /etc/passwd, /etc/issue) through the fileread script or SendCGICMD API. The vulnerability is explo...
CVE-2019-25246 Beward N100 H.264 VGA IP Camera M2.1.6 Authenticated File Disclosure
Beward N100 H.264 VGA IP Camera M2.1.6 contains an authenticated file disclosure vulnerability that allows attackers to read arbitrary system files via the 'READ.filePath' parameter. Attackers can exploit the fileread script or SendCGICMD API to access sensitive files like /etc/passwd and...
CVE-2019-25236
The CVE-2019-25236 issue affects the iSeeQ Hybrid DVR WH-H4 (version 1.03R). The vulnerability lies in the get_jpeg CGI endpoint (/cgi-bin/get_jpeg), which allows unauthenticated retrieval of live video snapshots from specific camera channels. This exposes video streams without authentication, le...
CVE-2018-25139 FLIR AX8 Thermal Camera 1.32.16 Unauthenticated RTSP Stream Disclosure
FLIR AX8 Thermal Camera 1.32.16 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly connect to the RTSP stream using tools like VLC or FFmpeg to view and record thermal camera footage...
CVE-2018-25139
CVE-2018-25139 affects the FLIR AX8 Thermal Camera (firmware 1.32.16). The vulnerability allows unauthenticated remote access to live RTSP streams, enabling attackers to view and record thermal footage without credentials. Demonstrated use via RTSP clients (e.g., VLC/FFmpeg) is noted in sources. ...
CVE-2018-25138 FLIR AX8 Thermal Camera 1.32.16 Hard-Coded Credentials Authentication Bypass
FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be changed through normal camera operations. Attackers can exploit these persistent credentials to gain unauthorized shell access and login to multiple camera interfaces using predefined username and...
CVE-2018-25138 FLIR AX8 Thermal Camera 1.32.16 Hard-Coded Credentials Authentication Bypass
FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be changed through normal camera operations. Attackers can exploit these persistent credentials to gain unauthorized shell access and login to multiple camera interfaces using predefined username and...
CVE-2022-50757
In the Linux kernel, the following vulnerability has been resolved: media: camss: Clean up received buffers on failed start of streaming It is required to return the received buffers, if streaming can not be started. For instance mediapipelinestart may fail with EPIPE, if a link validation betwee...
CVE-2022-50759
The CVE-2022-50759 issue affects Linux kernel media: i2c: ov5648, where the V4L2 fwnode data structure isn’t freed on unbind, causing a memory leak. The vulnerability, now resolved, is described across multiple sources as the V4L2 fwnode data not being freed on unbind, with patch references in st...
Beward N100 安全漏洞
Beward N100 is an IP video codec from the Russian open source Beward. A security vulnerability exists in Beward N100 H.264 VGA IP Camera version M2.1.6, which stems from insufficient validation of the READ.filePath parameter and could lead to the disclosure of arbitrary files...
FLIR AX8 Thermal Camera 安全漏洞
FLIR AX8 Thermal Camera is a monitoring thermal imaging sensor from FLIR, Inc. A security vulnerability exists in the FLIR AX8 Thermal Camera version 1.32.16, which stems from the presence of hard-coded SSH and web panel credentials that could lead to unauthorized access...