CVE-2025-53702 DoS vulnerability in Vilar VS-IPC1002 IP cameras

Vilar VS-IPC1002 IP cameras are vulnerable to DoS Denial-of-Service attacks. An unauthenticated attacker on the same local network might send a crafted request to /cgi-bin/action endpoint and render the device completely unresponsive. A manual restart of the device is required. The vendor did not...

CVE-2025-53702

Vilar VS-IPC1002 IP cameras are affected by CVE-2025-53702 affecting the DoS vector via crafted requests to /cgi-bin/action on the same local network. An unauthenticated attacker can render the device unresponsive, requiring a manual restart. Only version 1.1.0.18 was tested; other versions might...

Vilar VS-IPC1002 跨站脚本漏洞

Vilar VS-IPC1002 is a webcam from the Chinese company Vilar. A cross-site scripting vulnerability exists in the Vilar VS-IPC1002 version 1.1.0.18, which stems from improper cleanup of the GET request parameter on the /cgi-bin/action endpoint, which could lead to a reflected cross-site scripting...

CVE-2025-11757

The CloudEdge Cloud does not sanitize the MQTT topic input, which could allow an attacker to leverage the MQTT wildcard to receive all the messages that should be delivered to other users by subscribing to the a MQTT topic. In these messages, the attacker can obtain the credentials and key...

EUVD-2025-35202

The CloudEdge Cloud does not sanitize the MQTT topic input, which could allow an attacker to leverage the MQTT wildcard to receive all the messages that should be delivered to other users by subscribing to the a MQTT topic. In these messages, the attacker can obtain the credentials and key...

CloudEdge Online Cameras and App

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain access to live video feed and camera control. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

EUVD-2025-35065

In the Linux kernel, the following vulnerability has been resolved: media: stm32-csi: Fix dereference before NULL check In 'stm32csistart', 'csidev-ssubdev' is dereferenced directly while assigning a value to the 'srcpad'. However the same value is being checked against NULL at a later point of...

Smart-camera-privilege-escalation

Smart-camera-privilege-esca...

CVE-2025-40015

In the Linux kernel, the following vulnerability has been resolved: media: stm32-csi: Fix dereference before NULL check In 'stm32csistart', 'csidev-ssubdev' is dereferenced directly while assigning a value to the 'srcpad'. However the same value is being checked against NULL at a later point of...

CVE-2025-40015 media: stm32-csi: Fix dereference before NULL check

In the Linux kernel, the following vulnerability has been resolved: media: stm32-csi: Fix dereference before NULL check In 'stm32csistart', 'csidev-ssubdev' is dereferenced directly while assigning a value to the 'srcpad'. However the same value is being checked against NULL at a later point of...

GeoVision GV-BX1500和GeoVision GV-MFD1501 安全漏洞

The GeoVision GV-BX1500 and GeoVision GV-MFD1501 are both a series of indoor IP cameras from GeoVision China. A security vulnerability exists in the GeoVision GV-BX1500 and GeoVision GV-MFD1501 that stems from a remote command injection in /PictureCatch.cgi, which could lead to the execution of...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in D-Link Dcs-936L_Firmware

📸 CVE-2018-18441-exploit - Easily Access D-Link Camera Data...

Huawei HarmonyOS Camera app privilege authentication bypass vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege authentication bypass vulnerability exists in the Huawei HarmonyOS Camera app, which can be exploited by an attacker to compromise service...

Huawei HarmonyOS camera module privilege control vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei HarmonyOS camera module, which can be exploited by an attacker to compromise service confidentiality...

Dahua IPC和Dahua SD 安全漏洞

Dahua IPC and Dahua SD are both products of Dahua, a Chinese company.Dahua IPC is a series of industrial controllers from Dahua.Dahua SD is a series of PTZ dome cameras. A security vulnerability exists in the Dahua IPC and Dahua SD. The vulnerability originates from a third-party malicious attack...

CVE-2025-58282

Permission control vulnerability in the camera module. Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2025-58277

Permission verification bypass vulnerability in the Camera app. Successful exploitation of this vulnerability may affect service confidentiality...

Tenda RP3 Pro 安全漏洞

Tenda RP3 Pro is an indoor wireless PTZ camera from Tenda China. A security vulnerability exists in Tenda RP3 Pro version 22.5.7.93 and earlier, which originates from a hard-coded password in the parameter currentforceupgradepwd in the file forceupgrade.sh, which could lead to a local attack...

EUVD-2025-33810

Permission control vulnerability in the camera module. Successful exploitation of this vulnerability may affect service confidentiality...

EUVD-2025-33812

Permission verification bypass vulnerability in the Camera app. Successful exploitation of this vulnerability may affect service confidentiality...