7 matches found
PTZOptics Camera Multiple Vulnrebilities (Sep 2024) - Active Check
PTZOptics Camera devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFIX = "cpe:/o:ptzoptics:"...
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-8957link is external PTZOptics PT30X-SDI/NDI Cameras OS Command Injection Vulnerability CVE-2024-8956link is external PTZOptics PT30X-SDI/NDI Cameras...
PTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerability
PTZOptics PT30X-SDI/NDI cameras contain an insecure direct object reference IDOR vulnerability that allows a remote, attacker to bypass authentication for the /cgi-bin/param.cgi CGI script. If combined with CVE-2024-8957, this can lead to remote code execution as root...
CVE-2024-8957
creationtimestamp| type| source ---|---|--- 2024-09-17 23:58:54+00:00| seen| https://t.me/cvedetector/5858 2024-10-31 20:08:37+00:00| published-proof-of-concept| Telegram/mdRJdsx8N3wQa2dDU7NeIQqZwfNNL0qkhcZrrmSlvXkw 2024-11-01 05:52:46+00:00| published-proof-of-concept|...
CVE-2024-8957 PTZOptics NDI and SDI Cameras Command Injection via NTP Address Configuration
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntpaddr configuration value which may lead to arbitrary command execution when ntpclient is started. When chained with CVE-2024-8956, a remote and...
CVE-2024-8957
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntpaddr configuration value which may lead to arbitrary command execution when ntpclient is started. When chained with CVE-2024-8956, a remote and...
VulnCheck KEV: CVE-2024-8956
PTZOptics PT30X-SDI/NDI cameras contain an insecure direct object reference IDOR vulnerability that allows a remote, attacker to bypass authentication for the /cgi-bin/param.cgi CGI script. If combined with CVE-2024-8957, this can lead to remote code execution as root...