CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

23 matches found

EUVD•added 2025/11/27 12:30 a.m.•1 views

EUVD-2020-30822

ACE SECURITY WIP-90113 HD cameras contain an unauthenticated configuration disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint permits remote download of a compressed configuration backup without requiring authentication or authorization. The exposed backup may...

8.7CVSS6.3AI score0.00363EPSS

Exploits0References5

NVD•added 2025/11/26 11:15 p.m.•2 views

CVE-2020-36873

Astak CM-818T3 2.4GHz wireless security surveillance cameras contain an unauthenticated configuration disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint permits remote download of a compressed configuration backup without requiring authentication or authorizatio...

8.7CVSS0.00314EPSS

Exploits0References2

NVD•added 2025/11/26 11:15 p.m.•2 views

CVE-2020-36871

ESCAM QD-900 WIFI HD cameras contain an unauthenticated configuration disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint allows remote download of a compressed configuration backup without requiring authentication or authorization. The exposed backup can include...

8.7CVSS0.00355EPSS

Exploits0References3

NVD•added 2025/11/26 11:15 p.m.•3 views

CVE-2020-36874

8.7CVSS0.00363EPSS

Exploits0References4

CVE•added 2025/11/26 10:15 p.m.•9 views

CVE-2020-36871

Summary: CVE-2020-36871 affects ESCAM QD-900 WIFI HD cameras. An unauthenticated GET/download on /web/cgi-bin/hi3510/backup.cgi allows remote retrieval of a compressed configuration backup, which can contain administrative credentials and other sensitive device settings. This information disclosu...

8.7CVSS6.4AI score0.00355EPSS

Exploits0References3

Cvelist•added 2025/11/26 10:12 p.m.•5 views

CVE-2020-36874 ACE SECURITY WIP-90113 Unauthenticated Configuration Disclosure

8.7CVSS0.00363EPSS

Exploits0References4

Vulnrichment•added 2025/11/26 10:12 p.m.•2 views

CVE-2020-36874 ACE SECURITY WIP-90113 Unauthenticated Configuration Disclosure

8.7CVSS6.4AI score0.00363EPSS

Exploits0References4

CVE•added 2025/11/26 10:12 p.m.•11 views

CVE-2020-36874

ACE SECURITY WIP-90113 HD cameras are affected by an unauthenticated configuration-disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint allows remote download of a compressed configuration backup without authentication, risking exposure of administrative credentia...

8.7CVSS6.4AI score0.00363EPSS

Exploits0References4

CNNVD•added 2025/11/26 12:0 a.m.•2 views

ACE SECURITY WIP-90113 访问控制错误漏洞

ACE SECURITY WIP-90113 is a high-definition camera from ACE SECURITY, Japan. The ACE SECURITY WIP-90113 suffers from an Access Control Error vulnerability that originates in the /web/cgi-bin/hi3510/backup.cgi endpoint that can remotely download a compressed configuration backup without...

8.7CVSS6.6AI score0.00363EPSS

Exploits0References5

Positive Technologies•added 2025/11/26 12:0 a.m.•3 views

PT-2025-48195

Name of the Vulnerable Software and Affected Versions ACE SECURITY WIP-90113 HD cameras affected versions not specified Description ACE SECURITY WIP-90113 HD cameras have an issue where the /web/cgi-bin/hi3510/backup.cgi API endpoint allows the remote download of a compressed configuration backup...

8.7CVSS6.9AI score0.00363EPSS

Exploits0References9

CNNVD•added 2025/11/26 12:0 a.m.•2 views

ESCAM QD-900 WIFI HD Camera 访问控制错误漏洞

ESCAM QD-900 WIFI HD Camera is a wireless HD camera from ESCAM, China. The ESCAM QD-900 WIFI HD Camera suffers from an Access Control Error vulnerability that originates from the /web/cgi-bin/hi3510/backup.cgi endpoint that can remotely download a compressed configuration backup without...

8.7CVSS6.6AI score0.00355EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-2504

Malware in sbrugna...

8.8CVSS8.8AI score0.00229EPSS

Exploits0References2

NVD•added 2019/04/23 8:32 p.m.•8 views

CVE-2019-10710

Insecure permissions in the Web management portal on all IP cameras based on Hisilicon Hi3510 firmware allow authenticated attackers to receive a network's cleartext WiFi credentials via a specific HTTP request. This affects certain devices labeled as HI3510, HI3518, LOOSAFE, LEVCOECAM, Sywstoda,...

8.8CVSS8.5AI score0.00229EPSS

Exploits0References1

NVD•added 2019/04/23 8:32 p.m.•8 views

CVE-2019-10711

Incorrect access control in the RTSP stream and web portal on all IP cameras based on Hisilicon Hi3510 firmware until Webware version V1.0.1 allows attackers to view an RTSP stream by connecting to the stream with hidden credentials guest or user that are neither displayed nor configurable in the...

7.5CVSS7.6AI score0.00316EPSS

Exploits0References1

OSV•added 2019/04/23 8:32 p.m.•1 views

CVE-2019-10711

7.5CVSS7.2AI score0.00316EPSS

Exploits0References1

Prion•added 2019/04/23 8:32 p.m.•8 views

Improper access control

5CVSS7.6AI score0.00316EPSS

Exploits0References1Affected Software1

Prion•added 2019/04/23 8:32 p.m.•10 views

Design/Logic Flaw

4CVSS8.4AI score0.00229EPSS

Exploits0References1

Cvelist•added 2019/04/23 7:21 p.m.•15 views

CVE-2019-10711

7.6AI score0.00316EPSS

Exploits0References1

CVE•added 2019/04/23 7:21 p.m.•46 views

CVE-2019-10711

The CVE-2019-10711 entry describes an improper access control vulnerability in RTSP stream and web portal access for IP cameras based on Hisilicon Hi3510 firmware (up to Webware 1.0.1). Root cause: incorrect access control allowing access to an RTSP stream via hidden credentials (guest/user) not ...

7.5CVSS7.5AI score0.00316EPSS

Exploits0References1Affected Software1

Cvelist•added 2019/04/23 7:6 p.m.•16 views

CVE-2019-10710

8.5AI score0.00229EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by