16 matches found
EUVD-2018-18165
Malware in sbrugna...
Conceptronic CIPCAMPTIWL Denial of Service Vulnerability
The Conceptronic CIPCAMPTIWL is an IP camera capable of recording audio and video and transmitting it over a network. A denial of service vulnerability exists in Conceptronic CIPCAMPTIWL V3 0.61.30.21. An attacker can cause a denial of service by sending a POST request with a large amount of body...
Code injection
An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to /hy-cgi/devices.cgi?cmd=searchlandevice. The crash completely freezes the device...
Cross site request forgery (csrf)
An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. CSRF exists in hy-cgi/user.cgi, as demonstrated by changing an administrator password or adding a new administrator account...
CVE-2018-6407
An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to /hy-cgi/devices.cgi?cmd=searchlandevice. The crash completely freezes the device...
CVE-2018-6408
An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. CSRF exists in hy-cgi/user.cgi, as demonstrated by changing an administrator password or adding a new administrator account...
CVE-2018-6407
An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to /hy-cgi/devices.cgi?cmd=searchlandevice. The crash completely freezes the device...
CVE-2018-6408
The CVE-2018-6408 entry concerns Conceptronic CIPCAMPTIWL V3 devices (firmware 0.61.30.21) with a Cross-Site Request Forgery flaw in the hy-cgi/user.cgi endpoint. The root cause is CSRF on the admin management page, enabling an attacker to change an administrator password or add a new administrat...
CVE-2018-6407
CVE-2018-6407 affects Conceptronic CIPCAMPTIWL V3 0.61.30.21. An unauthenticated attacker can crash the device by sending a POST request with an excessively large body to /hy-cgi/devices.cgi?cmd=searchlandevice, causing the device to freeze. Multiple sources (NVD, Red Hat, CNVD, CVE records) desc...
CVE-2013-7204
Cross-site request forgery CSRF vulnerability in setusers.cgi in Conceptronic CIPCAMPTIWL Camera 1.0 with firmware 21.37.2.49 allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in setusers.cgi in Conceptronic CIPCAMPTIWL Camera 1.0 with firmware 21.37.2.49 allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users...
CVE-2013-7204
Cross-site request forgery CSRF vulnerability in setusers.cgi in Conceptronic CIPCAMPTIWL Camera 1.0 with firmware 21.37.2.49 allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users...
CVE-2013-7204
Conceptronic CIPCAMPTIWL network camera (Firmware 21.37.2.49, Web UI 0.61.4.18) is affected by CVE-2013-7204: a Cross-Site Request Forgery in /set_users.cgi that lets an attacker cause an administrator to create/add new users, potentially hijacking admin access. Affected component is the CGI form...
Conceptronic Wireless Pan & Tilt Network Camera - CSRF Vulnerability
Exploit for hardware platform in category web applications Affected Product: Conceptronic camera CIPCAMPTIWL Tested Firmware: 21.37.2.49 Tested Web UI Firmware: 0.61.4.18 Assigned CVE: CVE-2013-7204 CVSSv2 Base Score: 5.8 AV:N/AC:M/AU:N/C:P/I:P/A:N Vulnerability Type: Cross-Site Request Forgery...
[CVE-2013-7204] CSRF in Conceptronic IP Camera (CIPCAMPTIWL)
Hello List, Here I inform you about an easily exploitable CSRF discovered in Conceptronic cameras CIPCAMPTIWL. General Details Affected Product: Conceptronic camera CIPCAMPTIWL Tested Firmware: 21.37.2.49 Tested Web UI Firmware: 0.61.4.18 Assigned CVE: CVE-2013-7204 CVSSv2 Base Score: 5.8...
Conceptronic CIPCAMPTIWL 21.37.2.49 Cross Site Request Forgery
Hello List, Here I inform you about an easily exploitable CSRF discovered in Conceptronic cameras CIPCAMPTIWL. General Details Affected Product: Conceptronic camera CIPCAMPTIWL Tested Firmware: 21.37.2.49 Tested Web UI Firmware: 0.61.4.18 Assigned CVE: CVE-2013-7204 CVSSv2 Base Score: 5.8...