7640 matches found
CVE-2004-1650
The CVE covers the D-Link DCS-900 Internet Camera. The device listens on UDP port 62976 for an IP address, enabling remote attackers to change the camera’s IP address via a UDP broadcast packet. Impact is partial confidentiality/integrity/availability (per CVSS), with network-based access and no ...
CVE-2004-2427
Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to obtain sensitive information via direct requests to 1 admin/getparam.cgi, 2 admin/systemlog.cgi, 3 admin/serverreport.cgi, and 4 admin/paramlist.cgi, modify system information via 5 setparam.cgi an...
CVE-2004-2426
Directory traversal vulnerability in Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to bypass authentication via a .. dot dot in an HTTP POST request to ServerManager.srv, then use these privileges to conduct other activities, such as modifying...
CVE-2004-2425
Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to execute arbitrary commands via accent and possibly other shell metacharacters in the query string to virtualinput.cgi...
Axis Network Camera and Video Server Security Advisory
Topic Security issues have been identified that allows an attacker to compromise Axis Network Cameras, Video Servers, Serial Servers and Network Digital Video Recorders. 2. Description The first issue allows arbitrary shell command execution via HTTP requests due to erroneous shell command and...
D-Link DCS-900 Camera Remote IP Address Changer Exploit
Exploit for hardware platform in category remote exploits ======================================================= D-Link DCS-900 Camera Remote IP Address Changer Exploit ======================================================= / dlinkdown.c - miscname.com change ip address on all dlink dcs-900...
D-Link DCS-900 Camera Remote IP Address Changer Exploit
No description provided by source. / dlinkdown.c - miscname.com change ip address on all dlink dcs-900 cameras on the local network without authentication dlink dcs-900 ip cameras use a broadcast/listen method of configuration ... rather than a static ip addr out of the box, it listens for a...
D-Link DCS-900 Camera - Remote IP Address Changer
D-Link DCS-900 Camera - Remote IP Address Changer / dlinkdown.c - miscname.com change ip address on all dlink dcs-900 cameras on the local network without authentication dlink dcs-900 ip cameras use a broadcast/listen method of configuration ... rather than a static ip addr out of the box, it...
D-Link DCS-900 Camera - Remote IP Address Changer
/ dlinkdown.c - miscname.com change ip address on all dlink dcs-900 cameras on the local network without authentication dlink dcs-900 ip cameras use a broadcast/listen method of configuration ... rather than a static ip addr out of the box, it listens for a 62976/udp broadcast packet telling it...
[PoC] Nasty bug(s) found in Axis Network Camera/Video Servers
/ Public disclosure due lack of responce from Axis Communications / I have found a couple of bugs in Axis Network Camera/Video Servers. I have all Axis stuff in one e-mail, instead of multiple, lazy me.. ; Vulnerable: Axis 2100/2110/2120/2420/2130 Network Camera, 2400/2401 Video Server. There may...
axisFlaws.txt
/ Public disclosure due lack of responce from Axis Communications / I have found a couple of bugs in Axis Network Camera/Video Servers. I have all Axis stuff in one e-mail, instead of multiple, lazy me.. ; Vulnerable: Axis 2100/2110/2120/2420/2130 Network Camera, 2400/2401 Video Server. There may...
Axis Network Camera 2.x And Video Server 1-3 - HTTP Authentication Bypass
Axis Network Camera 2.x And Video Server 1-3 - HTTP Authentication Bypass source: https://www.securityfocus.com/bid/11011/info A hardcoded backdoor administrative-user issue allows remote attackers to administer affected devices. This likely cannot be disabled. This issue is reported to affect: -...
Axis Network Camera 2.x And Video Server 1-3 - 'virtualinput.cgi' Arbitrary Command Execution
source: https://www.securityfocus.com/bid/11011/info 1. A shell metacharacter command-execution vulnerability allows an anonymous user to download the contents of the '/etc/passwd' file on the device. Other commands are also likely to work, facilitating other attacks. This issue is reported to...
Axis Network Camera 2.x And Video Server 1-3 - virtualinput.cgi Arbitrary Command Execution
Axis Network Camera 2.x And Video Server 1-3 - virtualinput.cgi Arbitrary Command Execution source: https://www.securityfocus.com/bid/11011/info 1. A shell metacharacter command-execution vulnerability allows an anonymous user to download the contents of the '/etc/passwd' file on the device. Othe...
DLINK Audio/Video Camera Detection
Binary data 4526.prm...
Avigilon Security Camera Detection
Binary data 5228.prm...
tn-linksys.txt
---------------------------------- Telconinjas Computer Security Lab Contact: [email protected] Severity: Low Vendor: Linksys ---------------------------------- Affected Products: Linksys Wireless Internet Camera Version 2.12 was the only testbed available, though I am sure other versions near this...
Linksys Web Camera Software 2.10 - Next_file Cross-Site Scripting
Linksys Web Camera Software 2.10 - Nextfile Cross-Site Scripting source: https://www.securityfocus.com/bid/10533/info It is reported that Linksys Web Camera software is prone to a cross-site scripting vulnerability that may allow a remote attacker to steal cookie-based authentication credentials ...
Linksys Web Camera Software 2.10 - 'Next_file' Cross-Site Scripting
source: https://www.securityfocus.com/bid/10533/info It is reported that Linksys Web Camera software is prone to a cross-site scripting vulnerability that may allow a remote attacker to steal cookie-based authentication credentials or carry out other attacks. The problem presents itself when an...
Linksys Web Camera File Inclusion Vuln
Linksys Web Camera version 2.10 only tested with 2.10 is vulnerable to a file inclusion vulnerability in main.cgi Example: http://www.host.com/main.cgi?nextfile=/etc/passwd...