📄 Frigate NVR 0.16.3 Remote Command Execution

This Python exploit targets a critical configuration manipulation vulnerability in Frigate NVR versions up to 0.16.3 both authenticated and unauthenticated paths. By injecting a malicious go2rtc stream and a fake camera entry, it triggers arbitrary command execution as the Frigate process during...

Exploit for Improper Privilege Management in Frigate

Frigate NVR ≤ 0.16.3 Blind RCE Exploit CVE-2026-25643 PoC...

CVE-2019-11014

The VStarCam vstc.vscam.client library and vstc.vscam shared object, as used in the Eye4 application for Android, iOS, and Windows, do not prevent spoofing of the camera server. An attacker can create a fake camera server that listens for the client looking for a camera on the local network. When...

CVE-2019-11014

CVE-2019-11014 affects the VStarCam vstc.vscam.client library and vstc.vscam shared object used by Eye4 on Android, iOS, and Windows. The issue allows spoofing of the camera server: an attacker can set up a fake camera server on the local network, have the client respond to it via the broadcast a...