Lucene search
K

7 matches found

OpenVAS
OpenVAS
added 2025/08/01 12:0 a.m.5 views

PTZOptics Camera Multiple Vulnrebilities (Sep 2024) - Active Check

PTZOptics Camera devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFIX = "cpe:/o:ptzoptics:"...

9.1CVSS9.7AI score0.81973EPSS
Exploits2References7
CISA
CISA
added 2024/11/04 12:0 p.m.16 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-8957link is external PTZOptics PT30X-SDI/NDI Cameras OS Command Injection Vulnerability CVE-2024-8956link is external PTZOptics PT30X-SDI/NDI Cameras...

9.1CVSS7.6AI score0.81973EPSS
In wildExploits2References7
CISA KEV Catalog
CISA KEV Catalog
added 2024/11/04 12:0 a.m.30 views

PTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerability

PTZOptics PT30X-SDI/NDI cameras contain an insecure direct object reference IDOR vulnerability that allows a remote, attacker to bypass authentication for the /cgi-bin/param.cgi CGI script. If combined with CVE-2024-8957, this can lead to remote code execution as root...

9.1CVSS8.4AI score0.81973EPSS
In wildExploits2
Circl
Circl
added 2024/09/17 11:58 p.m.8 views

CVE-2024-8957

creationtimestamp| type| source ---|---|--- 2024-09-17 23:58:54+00:00| seen| https://t.me/cvedetector/5858 2024-10-31 20:08:37+00:00| published-proof-of-concept| Telegram/mdRJdsx8N3wQa2dDU7NeIQqZwfNNL0qkhcZrrmSlvXkw 2024-11-01 05:52:46+00:00| published-proof-of-concept|...

7.2CVSS7.6AI score0.81973EPSS
Exploits2References12
Cvelist
Cvelist
added 2024/09/17 8:8 p.m.25 views

CVE-2024-8957 PTZOptics NDI and SDI Cameras Command Injection via NTP Address Configuration

PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntpaddr configuration value which may lead to arbitrary command execution when ntpclient is started. When chained with CVE-2024-8956, a remote and...

7.2CVSS0.81973EPSS
Exploits2References2
ATTACKERKB
ATTACKERKB
added 2024/09/17 12:0 a.m.92 views

CVE-2024-8957

PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntpaddr configuration value which may lead to arbitrary command execution when ntpclient is started. When chained with CVE-2024-8956, a remote and...

9.1CVSS8.4AI score0.81973EPSS
In wildExploits2References3
VulnCheck KEV
VulnCheck KEV
added 2024/09/17 12:0 a.m.6 views

VulnCheck KEV: CVE-2024-8956

PTZOptics PT30X-SDI/NDI cameras contain an insecure direct object reference IDOR vulnerability that allows a remote, attacker to bypass authentication for the /cgi-bin/param.cgi CGI script. If combined with CVE-2024-8957, this can lead to remote code execution as root...

9.1CVSS7.8AI score0.81973EPSS
Exploits2References1
Rows per page
Query Builder