7644 matches found
ARD-9808 DVR Card Security Camera - Arbitrary Configuration Disclosure
ARD-9808 DVR Card Security Camera - Arbitrary Configuration Disclosure ------------------------------------------------- SoftWare Name : ARD-9808 DVR Card Security Camera Passwords View Bug ------------------------------------------------- Author : Septemb0x Web Site : www.ozkanbozkurt.com Procut...
ARD-9808 DVR Card Security Camera - GET Remote Denial of Service
ARD-9808 DVR Card Security Camera - GET Remote Denial of Service import socket import sys print "----------------------------------------------------------------" print " ARD-9808 DVR Card Security Camera = Remote Denial Of Service " print " author: Stack " print...
ARD-9808 DVR Card Security Camera Arbitrary Config Disclosure Vuln
Exploit for hardware platform in category remote exploits ================================================================== ARD-9808 DVR Card Security Camera Arbitrary Config Disclosure Vuln ==================================================================...
ARD-9808 DVR Card Security Camera - GET Remote Denial of Service
import socket import sys print "----------------------------------------------------------------" print " ARD-9808 DVR Card Security Camera = Remote Denial Of Service " print " author: Stack " print "----------------------------------------------------------------" host = "127.0.0.1" port = 80 tr...
ARD-9808 DVR Card Security Camera - Arbitrary Configuration Disclosure
------------------------------------------------- SoftWare Name : ARD-9808 DVR Card Security Camera Passwords View Bug ------------------------------------------------- Author : Septemb0x Web Site : www.ozkanbozkurt.com Procuts Site :...
CVE-2009-2046
The embedded web server on the Cisco Video Surveillance 2500 Series IP Camera with firmware before 2.1 allows remote attackers to read arbitrary files via a 1 http or 2 https request, related to the a SD Camera Web Server and the b Wireless Camera HTTP Server, aka Bug IDs CSCsu05515 and CSCsr9649...
Cross site request forgery (csrf)
The embedded web server on the Cisco Video Surveillance 2500 Series IP Camera with firmware before 2.1 allows remote attackers to read arbitrary files via a 1 http or 2 https request, related to the a SD Camera Web Server and the b Wireless Camera HTTP Server, aka Bug IDs CSCsu05515 and CSCsr9649...
CVE-2009-2046
CVE-2009-2046 affects Cisco Video Surveillance 2500 Series IP Camera firmware before 2.1. The embedded web server on the camera’s HTTP/HTTPS interfaces (SD Camera Web Server and Wireless Camera HTTP Server) allows remote access to read arbitrary files, exposing sensitive data. Root cause is an in...
CVE-2009-1555
The Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 sends configuration data in response to a Setup Wizard remote-management command, which allows remote attackers to obtain sensitive information such as passwords by reading the SetupWizard.exe process memory, a...
Directory traversal
Directory traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote attackers to read arbitrary files via a %2e. encoded dot dot or an absolute pathname in the nextfile parameter...
CVE-2009-1556
img/main.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote authenticated users to read arbitrary files in img/ via a filename in the nextfile parameter, as demonstrated by reading .htpasswd to obtain the admin password, a different vulnerabili...
CVE-2009-1557
Multiple cross-site scripting XSS vulnerabilities on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allow remote attackers to inject arbitrary web script or HTML via the nextfile parameter to 1 main.cgi, 2 img/main.cgi, or 3 adm/file.cgi; or 4 the thisfile...
CVE-2009-1559
Absolute path traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R24 and possibly 1.00R22 allows remote attackers to read arbitrary files via an absolute pathname in the thisfile parameter. NOTE: traversal via a .. dot dot is probably als...
CVE-2009-1560
The Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 stores passwords and wireless-network keys in cleartext in 1 passwd.htm and 2 Wsecurity.htm, which allows remote attackers to obtain sensitive information by reading the HTML source code...
Design/Logic Flaw
img/main.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote authenticated users to read arbitrary files in img/ via a filename in the nextfile parameter, as demonstrated by reading .htpasswd to obtain the admin password, a different vulnerabili...
CVE-2009-1555
The Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 sends configuration data in response to a Setup Wizard remote-management command, which allows remote attackers to obtain sensitive information such as passwords by reading the SetupWizard.exe process memory, a...
CVE-2009-1555
The CVE-2009-1555 entry concerns the Cisco Linksys WVC54GCA wireless video camera. Affected firmware is 1.00R22 and 1.00R24. The issue arises when the device responds to a Setup Wizard remote-management command by exposing configuration data, enabling remote attackers to obtain sensitive informat...
CVE-2009-1558
Cisco Linksys WVC54GCA cameras with firmware 1.00R22/1.00R24 are vulnerable to local file inclusion in adm/file.cgi via the next_file parameter (using %2e or an absolute pathname). This allows reading arbitrary files on the device. The Nuclei template confirms a Local File Inclusion against the s...
CVE-2009-1559
The CVE-2009-1559 entry relates to an absolute path traversal vulnerability in the adm/file.cgi component of the Cisco Linksys WVC54GCA wireless video camera. Affected firmware is listed as 1.00R24 and possibly 1.00R22. The vulnerability allows remote attackers to read arbitrary files by supplyin...
CVE-2009-1556
CVE-2009-1556 (Linksys WVC54GCA) affects Cisco Linksys WVC54GCA wireless video camera firmware 1.00R22 and 1.00R24. The flaw is in the img/main.cgi component, where an attacker with remote authentication can read arbitrary files from the img/ directory by supplying a filename in the next_file par...