EUVD-2021-34718

PLANEX CS-QP50F-ING2 smart cameras expose a configuration backup interface over HTTP that does not require authentication. A remote, unauthenticated attacker can directly retrieve a compressed configuration backup file from the device. The backup contains sensitive configuration information,...

CVE-2021-4468 PLANEX CS-QP50F-ING2 Smart Camera Remote Configuration Disclosure

PLANEX CS-QP50F-ING2 smart cameras expose a configuration backup interface over HTTP that does not require authentication. A remote, unauthenticated attacker can directly retrieve a compressed configuration backup file from the device. The backup contains sensitive configuration information,...

CVE-2025-55810

A vulnerability was found in Alaga Home Security WiFi Camera 3K model S-CW2503C-H with hardware version V03 and firmware version 1.4.2, which allows physical attackers to execute commands as root via script file with a specific name on a SD card...

Denver SHO-110 安全漏洞

The Denver SHO-110 is a wireless IP camera from Denver, Denmark. A security vulnerability exists in the Denver SHO-110 that originates from an unauthenticated HTTP service exposing a snapshot endpoint, which could lead to compromised confidentiality of the surveillance environment...

PLANEX CS-QP50F-ING2 安全漏洞

The Planex PLANEX CS-QP50F-ING2 is a smart camera from Planex Japan. A security vulnerability exists in the PLANEX CS-QP50F-ING2 that stems from the configuration of a backup interface without authentication, which could lead to the disclosure of sensitive information and compromise the...

CVE-2025-55810

A vulnerability was found in Alaga Home Security WiFi Camera 3K model S-CW2503C-H with hardware version V03 and firmware version 1.4.2, which allows physical attackers to execute commands as root via script file with a specific name on a SD card...

CVE-2025-55810

A vulnerability was found in Alaga Home Security WiFi Camera 3K model S-CW2503C-H with hardware version V03 and firmware version 1.4.2, which allows physical attackers to execute commands as root via script file with a specific name on a SD card...

PT-2025-46892

🚨 CVE-2025-55810 A vulnerability was found in Alaga Home Security WiFi Camera 3K model S-CW2503C-H with hardware version V03 and firmware version 1.4.2, which allows physical attackers to execute commands as root via script file with a specific name on a SD card. 🎖@cveNotify...

CVE-2025-55810

CVE-2025-55810 affects the Alaga Home Security WiFi Camera 3K, model S-CW2503C-H, with hardware version V03 and firmware 1.4.2. The documented vulnerability allows a physical attacker to execute commands as root by placing a script file with a specific name on an SD card inserted into the device....

Alaga Home Security WiFi Camera 安全漏洞

Alaga Home Security WiFi Camera is a series of home webcams from Alaga USA. A security vulnerability exists in Alaga Home Security WiFi Camera that originates from a physical attacker being able to execute root commands via a specifically named SD card script file...

CVE-2025-55810

A vulnerability was found in Alaga Home Security WiFi Camera 3K model S-CW2503C-H with hardware version V03 and firmware version 1.4.2, which allows physical attackers to execute commands as root via script file with a specific name on a SD card...

CVE-2025-55810

A vulnerability was found in Alaga Home Security WiFi Camera 3K model S-CW2503C-H with hardware version V03 and firmware version 1.4.2, which allows physical attackers to execute commands as root via script file with a specific name on a SD card...

CVE-2016-15055

JVC VN-T IP-camera models firmware versions up to 2016-08-22 confirmed on the VN-T216VPRU model contain a directory traversal vulnerability in the checkcgi endpoint that accepts a user-controlled file parameter. An unauthenticated remote attacker can leverage this vulnerability to read arbitrary...

CVE-2016-15055

CVE-2016-15055 affects JVC VN-T IP-camera models with firmware up to 2016-08-22 (confirmed on VN-T216VPRU). The vulnerability is a directory traversal in the /checkcgi endpoint that accepts a user-controlled file parameter. An unauthenticated remote attacker can leverage this to read arbitrary fi...

CVE-2016-15055 JVC VN-T IP-Camera Directory Traversal via check.cgi

JVC VN-T IP-camera models firmware versions up to 2016-08-22 confirmed on the VN-T216VPRU model contain a directory traversal vulnerability in the checkcgi endpoint that accepts a user-controlled file parameter. An unauthenticated remote attacker can leverage this vulnerability to read arbitrary...

CVE-2025-40156 PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe()

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe The drv-sramreg pointer could be set to ERRPTR-EPROBEDEFER which would lead to a error pointer dereference. Use ISERRORNULL to check that the pointer is vali...

PT-2025-46726

JVC VN-T IP-camera models firmware versions up to 2016-08-22 confirmed on the VN-T216VPRU model contain a directory traversal vulnerability in the checkcgi endpoint that accepts a user-controlled file parameter. An unauthenticated remote attacker can leverage this vulnerability to read arbitrary...

JVC VN-T216VPRU 安全漏洞

The JVC VN-T216VPRU is a camera from JVC USA. A security vulnerability exists in the JVC VN-T216VPRU that stems from a directory traversal issue in the checkcgi endpoint, which could lead to reading arbitrary files on the device...

PT-2025-46303

Name of the Vulnerable Software and Affected Versions Axis affected versions not specified Description An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This issue is exploitable if the Axis device is configured to allow the installatio...

CVE-2025-63296

KERUI K259 5MP Wi-Fi / Tuya Smart Security Camera firmware v33.53.87 contains a code execution vulnerability in its boot/update logic: during startup /usr/sbin/anykaservice.sh scans mounted TF/SD cards and, if /mnt/update.nor.sh is present, copies it to /tmp/net.sh and executes it as root...