Lucene search
K

39 matches found

CNNVD
CNNVD
added 2023/02/22 12:0 a.m.4 views

Cellinx NVT 路径遍历漏洞

Cellinx NVT IP PTZ is a camera appliance from Cellinx Korea. A path traversal vulnerability exists in Cellinx NVT version v1.0.6.002b, which stems from the presence of a local file disclosure vulnerability...

7.5CVSS7.3AI score0.02431EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/02/22 12:0 a.m.25 views

CVE-2023-23063

Cellinx NVT v1.0.6.002b was discovered to contain a local file disclosure vulnerability via the component /cgi-bin/GetFileContent.cgi...

7.6AI score0.02431EPSS
Exploits1References1
CVE
CVE
added 2023/02/22 12:0 a.m.78 views

CVE-2023-23063

Cellinx NVT on version 1.0.6.002b contains a local file disclosure via /cgi-bin/GetFileContent.cgi. The issue allows unauthenticated attackers to read arbitrary files from the server by supplying a path in the GetFileContent.cgi component, exposing sensitive data such as configuration files or vi...

7.5CVSS7.3AI score0.02431EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2022/07/18 1:15 p.m.4 views

CVE-2022-30620

On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: "1" to "0" privileges by changing the following cookie values from "isadmin", "showConfig". Administrative Privileges which allows changing various configuration in the camera...

8.8CVSS5.8AI score0.0045EPSS
Exploits0References1
NVD
NVD
added 2022/07/18 1:15 p.m.17 views

CVE-2022-30620

On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: "1" to "0" privileges by changing the following cookie values from "isadmin", "showConfig". Administrative Privileges which allows changing various configuration in the camera...

8.8CVSS0.0045EPSS
Exploits0References1
Prion
Prion
added 2022/07/18 1:15 p.m.14 views

Design/Logic Flaw

On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: "1" to "0" privileges by changing the following cookie values from "isadmin", "showConfig". Administrative Privileges which allows changing various configuration in the camera...

6.5CVSS8.5AI score0.0045EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/07/18 12:55 p.m.20 views

CVE-2022-30621 Cellinx NVT – IP PTZ Camera local file inclusion

Allows a remote user to read files on the camera's OS "GetFileContent.cgi". Reading arbitrary files on the camera's OS as root user...

7.6CVSS7.6AI score0.00607EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/07/18 12:54 p.m.24 views

CVE-2022-30620 Cellinx NVT – IP PTZ Camera Privilege Escalation

On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: "1" to "0" privileges by changing the following cookie values from "isadmin", "showConfig". Administrative Privileges which allows changing various configuration in the camera...

8.2CVSS8.8AI score0.0045EPSS
Exploits0References1
CVE
CVE
added 2022/07/18 12:54 p.m.56 views

CVE-2022-30620

The CVE-2022-30620 entry concerns Cellinx Camera (guest-enabled) where an attacker with web access can elevate from guest to administrative privileges by modifying cookie values (notably is_admin and showConfig), enabling changes to camera configuration. Connected sources corroborate privilege es...

8.8CVSS8.5AI score0.0045EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/07/18 12:0 a.m.5 views

PT-2022-20213 · Cellinx · Cellinx Camera

Name of the Vulnerable Software and Affected Versions: Cellinx Camera affected versions not specified Description: The issue allows an attacker with web access to elevate privileges from guest to administrative by modifying specific cookie values, including is admin and showConfig, enabling chang...

8.8CVSS8.5AI score0.0045EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/07/18 12:0 a.m.6 views

Cellinx NVT IP PTZ 安全漏洞

Cellinx NVT IP PTZ is a camera device from Cellinx Korea. A security vulnerability exists in Cellinx NVT IP PTZ, where an attacker can elevate web access to administrative privileges and allow changes to various camera configurations by modifying the following cookie values "isadmin", "showConfig...

8.8CVSS7.9AI score0.0045EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/07/18 12:0 a.m.4 views

Cellinx NVT IP PTZ 安全漏洞

The Cellinx NVT IP PTZ is a camera device from Cellinx Korea. A security vulnerability exists in the Cellinx NVT IP PTZ that allows a remote attacker to read arbitrary files on the camera's operating system as root...

7.6CVSS6.8AI score0.00607EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/06 12:37 p.m.6 views

CVE-2022-30620

On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: "1" to "0" privileges by changing the following cookie values from "isadmin", "showConfig". Administrative Privileges which allows changing various configuration in the camera...

8.8CVSS5.8AI score0.0045EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2020/11/09 12:0 a.m.1 views

Cellinx NVT Web Server Access Control Error Vulnerability

Cellinx NVT Web Server is a web platform for virtual terminal management NVT from Cellinx, Korea. The platform is mainly used for managing video surveillance devices, and it is divided into monitoring page and setting page to control terminals. An access control error vulnerability exists in...

10CVSS7.3AI score0.02852EPSS
Exploits1References1
NVD
NVD
added 2020/11/06 7:15 a.m.23 views

CVE-2020-28250

Cellinx NVT Web Server 5.0.0.014b.test 2019-09-05 allows a remote user to run commands as root via SetFileContent.cgi because authentication is on the client side...

10CVSS9.7AI score0.02852EPSS
Exploits1References1
OSV
OSV
added 2020/11/06 7:15 a.m.5 views

CVE-2020-28250

Cellinx NVT Web Server 5.0.0.014b.test 2019-09-05 allows a remote user to run commands as root via SetFileContent.cgi because authentication is on the client side...

9.8CVSS7.4AI score0.02852EPSS
Exploits1References1
Prion
Prion
added 2020/11/06 7:15 a.m.12 views

Authentication flaw

Cellinx NVT Web Server 5.0.0.014b.test 2019-09-05 allows a remote user to run commands as root via SetFileContent.cgi because authentication is on the client side...

10CVSS9.6AI score0.02852EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/11/06 6:15 a.m.54 views

CVE-2020-28250

CVE-2020-28250 affects Cellinx NVT Web Server 5.0.0.014b.test (2019-09-05). The vulnerability allows a remote user to run commands as root via SetFileContent.cgi because authentication is performed on the client side. Exploitation details are not provided in the documents; no patch/version remedi...

10CVSS9.5AI score0.02852EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/11/06 6:15 a.m.23 views

CVE-2020-28250

Cellinx NVT Web Server 5.0.0.014b.test 2019-09-05 allows a remote user to run commands as root via SetFileContent.cgi because authentication is on the client side...

9.7AI score0.02852EPSS
Exploits1References1
Rows per page
Query Builder