Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

253 matches found

0day.today
0day.todayadded 2021/07/30 12:0 a.m.139 views

Panasonic Sanyo CCTV Network Camera 2.03-0x Cross Site Request Forgery Vulnerability

Panasonic Sanyo CCTV Network Camera version 2.03-0x allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. These actions can be exploited to perform authentication detriment and account password change with administrative privilege...

0.7AI score
Exploits0
Zero Science Lab
Zero Science Labadded 2021/07/30 12:0 a.m.882 views

Panasonic Sanyo CCTV Network Camera 2.03-0x CSRF Disable Authentication / Change Password

Summary SANYO network camera and network optional board with the latest H.264 compression technology provide the optimum surveillance applications with high quality real time moving image at low bandwidth. Simultaneous stream of H.264 and JPEG data and also COAX video out to provide flexible...

8.8CVSS7.2AI score0.00332EPSS
Exploits1
Packet Storm
Packet Stormadded 2021/07/06 12:0 a.m.186 views

Visual Tools DVR VX16 4.2.28 Privilege Escalation

Exploit Title: Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation Date: 2021-07-05 Exploit Author: Andrea D'Ubaldo Vendor Homepage: https://visual-tools.com/ Version: Visual Tools VX16 v4.2.28.0 Tested on: VX16 Embedded Linux 2.6.35.4. An attacker can perform a system-level root local...

0.7AI score
Exploits0
Packet Storm
Packet Stormadded 2021/07/06 12:0 a.m.184 views

Visual Tools DVR VX16 4.2.28.0 Command Injection

Exploit Title: Visual Tools DVR VX16 4.2.28.0 - OS Command Injection Unauthenticated Date: 2021-07-05 Exploit Author: Andrea D'Ubaldo Vendor Homepage: https://visual-tools.com/ Version: Visual Tools VX16 v4.2.28.0 Tested on: VX16 Embedded Linux 2.6.35.4. An unauthenticated remote attacker can...

0.3AI score
Exploits0
Exploit DB
Exploit DBadded 2021/07/06 12:0 a.m.235 views

Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation

Exploit Title: Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation Date: 2021-07-05 Exploit Author: Andrea D'Ubaldo Vendor Homepage: https://visual-tools.com/ Version: Visual Tools VX16 v4.2.28.0 Tested on: VX16 Embedded Linux 2.6.35.4. An attacker can perform a system-level root local...

7.4AI score
Exploits0
0day.today
0day.todayadded 2021/07/06 12:0 a.m.87 views

Visual Tools DVR VX16 4.2.28.0 - OS Command Injection (Unauthenticated) Vulnerability

Exploit Title: Visual Tools DVR VX16 4.2.28.0 - OS Command Injection Unauthenticated Exploit Author: Andrea D'Ubaldo Vendor Homepage: https://visual-tools.com/ Version: Visual Tools VX16 v4.2.28.0 Tested on: VX16 Embedded Linux 2.6.35.4. An unauthenticated remote attacker can inject arbitrary...

0.4AI score
Exploits0
Exploit DB
Exploit DBadded 2021/07/06 12:0 a.m.284 views

Visual Tools DVR VX16 4.2.28.0 - OS Command Injection (Unauthenticated)

Exploit Title: Visual Tools DVR VX16 4.2.28.0 - OS Command Injection Unauthenticated Date: 2021-07-05 Exploit Author: Andrea D'Ubaldo Vendor Homepage: https://visual-tools.com/ Version: Visual Tools VX16 v4.2.28.0 Tested on: VX16 Embedded Linux 2.6.35.4. CVE: CVE-2021-42071 Reference:...

10CVSS9.7AI score0.69882EPSS
Exploits2
CNVD
CNVDadded 2021/01/07 12:0 a.m.2 views

Denial of Service Vulnerability in OpenWrt

OpenWRT is a highly modular, highly automated embedded Linux system with powerful networking components and extensibility that is often used in industrial control devices, telephones, small robots, smart homes, routers, and VOIP devices. A denial of service vulnerability exists in OpenWrt, which...

6.9AI score
Exploits0References1
CNNVD
CNNVDadded 2020/12/21 12:0 a.m.2 views

Pengutronix RAUC Security Vulnerability

Pengutronix RAUC is a software from the Pengutronix organization that provides automatic updates for embedded Linux systems. A security vulnerability exists in Pengutronix RAUC update, which stems from a time-of-use check vulnerability in the install.c module that verifies the signature of an...

7.1CVSS6.9AI score0.01417EPSS
Exploits1References3
0day.today
0day.todayadded 2020/11/21 12:0 a.m.74 views

Barco wePresent WiPG-1600W Insecure Firmware Image Vulnerability

Barco wePresent WiPG-1600W versions 2.5.1.8, 2.5.0.25, 2.5.0.24, and 2.4.1.19 have firmware that does not perform verification of digitally signed firmware updates and is susceptible to processing and installing modified/malicious images. Title: Barco wePresent Insecure Firmware Image Publication...

9.8CVSS0.2AI score0.01673EPSS
Exploits7
0day.today
0day.todayadded 2020/11/21 12:0 a.m.62 views

Barco wePresent WiPG-1600W Hardcoded API Credentials Vulnerability

Barco wePresent device firmware includes a hardcoded API account and password that is discoverable by inspecting the firmware image. A malicious actor could use this password to access authenticated, administrative functions in the API. Versions affected include 2.5.1.8, 2.5.0.25, 2.5.0.24, and...

9.8CVSS8AI score0.01543EPSS
Exploits7
0day.today
0day.todayadded 2020/11/21 12:0 a.m.50 views

Barco wePresent WiPG-1600W Admin Credential Exposure Vulnerability

An attacker armed with hardcoded API credentials from KL-001-2020-004 CVE-2020-28329 can issue an authenticated query to display the admin password for the main web user interface listening on port 443/tcp for Barco wePresent WiPG-1600W version 2.5.1.8. Title: Barco wePresent Admin Credentials...

9.8CVSS0.01543EPSS
Exploits8
0day.today
0day.todayadded 2020/11/21 12:0 a.m.120 views

Barco wePresent WiPG-1600W Global Hardcoded Root SSH Password Vulnerability

Barco wePresent WiPG-1600W versions 2.5.1.8, 2.5.0.25, 2.5.0.24, and 2.4.1.19 have a hardcoded root password hash included in the firmware image. Title: Barco wePresent Global Hardcoded Root SSH Password Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-008.txt 1...

10CVSS0.04708EPSS
Exploits13
KoreLogic Security
KoreLogic Securityadded 2020/11/20 12:0 a.m.37 views

Barco wePresent Insecure Firmware Image

Vulnerability Details Affected Vendor: Barco Affected Product: wePresent WiPG-1600W Affected Version: 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19 Platform: Embedded Linux CWE Classification: CWE-494: Download of Code Without Integrity Check CVE ID: CVE-2020-28332 2. Vulnerability Description The Barco...

9.8CVSS8.5AI score0.01079EPSS
Exploits3Affected Software1
KoreLogic Security
KoreLogic Securityadded 2020/11/20 12:0 a.m.38 views

Barco wePresent Authentication Bypass

Vulnerability Details Affected Vendor: Barco Affected Product: wePresent WiPG-1600W Affected Version: 2.5.1.8 Platform: Embedded Linux CWE Classification: CWE-288: Authentication Bypass Using an Alternate Path or Channel CVE ID: CVE-2020-28333 2. Vulnerability Description The Barco wePresent web...

9.8CVSS8.8AI score0.032EPSS
Exploits2Affected Software1
Packet Storm
Packet Stormadded 2020/11/20 12:0 a.m.772 views

Barco wePresent Insecure Firmware Image

KL-001-2020-009 : Barco wePresent Insecure Firmware Image Title: Barco wePresent Insecure Firmware Image Advisory ID: KL-001-2020-009 Publication Date: 2020.11.20 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-009.txt 1. Vulnerability Details Affected Vendor: Barco Affect...

8.7AI score0.01673EPSS
Exploits7
KoreLogic Security
KoreLogic Securityadded 2020/11/20 12:0 a.m.46 views

Barco wePresent Admin Credentials Exposed In Plain-text

Vulnerability Details Affected Vendor: Barco Affected Product: wePresent WiPG-1600W Affected Version: 2.5.1.8 Platform: Embedded Linux CWE Classification: CWE-523: Unprotected Transport of Credentials CVE ID: CVE-2020-28330 2. Vulnerability Description An attacker armed with hardcoded API...

9.8CVSS7.8AI score0.01543EPSS
Exploits8Affected Software1
KoreLogic Security
KoreLogic Securityadded 2020/11/20 12:0 a.m.56 views

Barco wePresent Hardcoded API Credentials

Vulnerability Details Affected Vendor: Barco Affected Product: wePresent WiPG-1600W Affected Version: 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19 Platform: Embedded Linux CWE Classification: CWE-798: Use of Hard-coded Credentials CVE ID: CVE-2020-28329 2. Vulnerability Description Barco wePresent...

9.8CVSS7.8AI score0.01543EPSS
Exploits7Affected Software1
Packet Storm
Packet Stormadded 2020/11/20 12:0 a.m.815 views

Barco wePresent Hardcoded API Credentials

KL-001-2020-004 : Barco wePresent Hardcoded API Credentials Title: Barco wePresent Hardcoded API Credentials Advisory ID: KL-001-2020-004 Publication Date: 2020.11.20 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-004.txt 1. Vulnerability Details Affected Vendor: Barco...

8.1AI score0.01543EPSS
Exploits7
Packet Storm
Packet Stormadded 2020/11/20 12:0 a.m.750 views

Barco wePresent Authentication Bypass

KL-001-2020-006 : Barco wePresent Authentication Bypass Title: Barco wePresent Authentication Bypass Advisory ID: KL-001-2020-006 Publication Date: 2020.11.20 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-006.txt 1. Vulnerability Details Affected Vendor: Barco Affected...

0.2AI score0.032EPSS
Exploits2
Rows per page
Query Builder