39 matches found
Cellinx NVT 路径遍历漏洞
Cellinx NVT IP PTZ is a camera appliance from Cellinx Korea. A path traversal vulnerability exists in Cellinx NVT version v1.0.6.002b, which stems from the presence of a local file disclosure vulnerability...
CVE-2023-23063
Cellinx NVT v1.0.6.002b was discovered to contain a local file disclosure vulnerability via the component /cgi-bin/GetFileContent.cgi...
CVE-2023-23063
Cellinx NVT on version 1.0.6.002b contains a local file disclosure via /cgi-bin/GetFileContent.cgi. The issue allows unauthenticated attackers to read arbitrary files from the server by supplying a path in the GetFileContent.cgi component, exposing sensitive data such as configuration files or vi...
CVE-2022-30620
On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: "1" to "0" privileges by changing the following cookie values from "isadmin", "showConfig". Administrative Privileges which allows changing various configuration in the camera...
CVE-2022-30620
On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: "1" to "0" privileges by changing the following cookie values from "isadmin", "showConfig". Administrative Privileges which allows changing various configuration in the camera...
Design/Logic Flaw
On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: "1" to "0" privileges by changing the following cookie values from "isadmin", "showConfig". Administrative Privileges which allows changing various configuration in the camera...
CVE-2022-30621 Cellinx NVT – IP PTZ Camera local file inclusion
Allows a remote user to read files on the camera's OS "GetFileContent.cgi". Reading arbitrary files on the camera's OS as root user...
CVE-2022-30620 Cellinx NVT – IP PTZ Camera Privilege Escalation
On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: "1" to "0" privileges by changing the following cookie values from "isadmin", "showConfig". Administrative Privileges which allows changing various configuration in the camera...
CVE-2022-30620
The CVE-2022-30620 entry concerns Cellinx Camera (guest-enabled) where an attacker with web access can elevate from guest to administrative privileges by modifying cookie values (notably is_admin and showConfig), enabling changes to camera configuration. Connected sources corroborate privilege es...
PT-2022-20213 · Cellinx · Cellinx Camera
Name of the Vulnerable Software and Affected Versions: Cellinx Camera affected versions not specified Description: The issue allows an attacker with web access to elevate privileges from guest to administrative by modifying specific cookie values, including is admin and showConfig, enabling chang...
Cellinx NVT IP PTZ 安全漏洞
Cellinx NVT IP PTZ is a camera device from Cellinx Korea. A security vulnerability exists in Cellinx NVT IP PTZ, where an attacker can elevate web access to administrative privileges and allow changes to various camera configurations by modifying the following cookie values "isadmin", "showConfig...
Cellinx NVT IP PTZ 安全漏洞
The Cellinx NVT IP PTZ is a camera device from Cellinx Korea. A security vulnerability exists in the Cellinx NVT IP PTZ that allows a remote attacker to read arbitrary files on the camera's operating system as root...
CVE-2022-30620
On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: "1" to "0" privileges by changing the following cookie values from "isadmin", "showConfig". Administrative Privileges which allows changing various configuration in the camera...
Cellinx NVT Web Server Access Control Error Vulnerability
Cellinx NVT Web Server is a web platform for virtual terminal management NVT from Cellinx, Korea. The platform is mainly used for managing video surveillance devices, and it is divided into monitoring page and setting page to control terminals. An access control error vulnerability exists in...
CVE-2020-28250
Cellinx NVT Web Server 5.0.0.014b.test 2019-09-05 allows a remote user to run commands as root via SetFileContent.cgi because authentication is on the client side...
CVE-2020-28250
Cellinx NVT Web Server 5.0.0.014b.test 2019-09-05 allows a remote user to run commands as root via SetFileContent.cgi because authentication is on the client side...
Authentication flaw
Cellinx NVT Web Server 5.0.0.014b.test 2019-09-05 allows a remote user to run commands as root via SetFileContent.cgi because authentication is on the client side...
CVE-2020-28250
CVE-2020-28250 affects Cellinx NVT Web Server 5.0.0.014b.test (2019-09-05). The vulnerability allows a remote user to run commands as root via SetFileContent.cgi because authentication is performed on the client side. Exploitation details are not provided in the documents; no patch/version remedi...
CVE-2020-28250
Cellinx NVT Web Server 5.0.0.014b.test 2019-09-05 allows a remote user to run commands as root via SetFileContent.cgi because authentication is on the client side...