19 matches found
EUVD-2015-1604
Malware in sbrugna...
EUVD-2015-0938
Malware in sbrugna...
CVE-2015-1469
time.htm in the web interface on SerVision HVG Video Gateway devices with firmware through 2.2.26a100 allows remote authenticated users to gain privileges by leveraging a cookie received in an HTTP response, a different vulnerability than CVE-2015-0929 and CVE-2015-0930...
SerVision HVG Default Credentials (HTTP)
SerVision HVG is using known default credentials. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Servision HVG Hardcoded Credentials
Hello... Over a year ago I disclosed several vulnerabilities in Servision HVG network video recording devices. CVE-2015-0929 and CVE-2015-0930. https://www.kb.cert.org/vuls/id/522460 Since it's been a while now, and hardcoded backdoor passwords in "security" devices are the current hotness...
SerVision HVG Video Gateway devices with firmware elevation of privilege vulnerability
SerVision HVG Video Gateway is an intelligent video gateway product from SerVision Israel. An elevation of privilege vulnerability exists in SerVision HVG Video Gateway devices with firmware. It allows an authenticated remote user to gain privileges by exploiting a cookie received in an HTTP...
CVE-2015-1469
time.htm in the web interface on SerVision HVG Video Gateway devices with firmware through 2.2.26a100 allows remote authenticated users to gain privileges by leveraging a cookie received in an HTTP response, a different vulnerability than CVE-2015-0929 and CVE-2015-0930...
CVE-2015-0929
time.htm in the web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a78 allows remote attackers to bypass authentication and obtain administrative access by leveraging a cookie received in an HTTP response...
CVE-2015-0930
The web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a100 has a hardcoded administrative password, which makes it easier for remote attackers to obtain access via an HTTP session...
Design/Logic Flaw
time.htm in the web interface on SerVision HVG Video Gateway devices with firmware through 2.2.26a100 allows remote authenticated users to gain privileges by leveraging a cookie received in an HTTP response, a different vulnerability than CVE-2015-0929 and CVE-2015-0930...
Authentication flaw
time.htm in the web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a78 allows remote attackers to bypass authentication and obtain administrative access by leveraging a cookie received in an HTTP response...
Hardcoded credentials
The web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a100 has a hardcoded administrative password, which makes it easier for remote attackers to obtain access via an HTTP session...
CVE-2015-0929
time.htm in the web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a78 allows remote attackers to bypass authentication and obtain administrative access by leveraging a cookie received in an HTTP response...
CVE-2015-0930
The web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a100 has a hardcoded administrative password, which makes it easier for remote attackers to obtain access via an HTTP session...
CVE-2015-0930
SerVision HVG Video Gateway devices with firmware older than 2.2.26a100 contain a hardcoded administrator password in the web interface, allowing remote attackers to gain admin access via an HTTP session. Affected product: SerVision HVG Video Gateway; root cause: hardcoded credentials in the web ...
CVE-2015-1469
time.htm in the web interface on SerVision HVG Video Gateway devices with firmware through 2.2.26a100 allows remote authenticated users to gain privileges by leveraging a cookie received in an HTTP response, a different vulnerability than CVE-2015-0929 and CVE-2015-0930...
CVE-2015-0929
Affected product/variant: SerVision HVG Video Gateway devices with firmware up to 2.2.26a78 (and variants through 2.2.26a100 per sources). Vulnerability: time.htm in the web interface allows remote authenticated/unprivileged users to bypass authentication and obtain elevated/admin access by lever...
CVE-2015-1469
CVE-2015-1469 affects SerVision HVG Video Gateway devices with firmware up to 2.2.26a100. The issue is an elevation of privilege: remote authenticated users can leverage a cookie found in an HTTP response to gain privileges via the web interface, specifically through time.htm. Other CNVD/Red Hat/...
SerVision HVG Video Gateway web interface contains multiple vulnerabilities
Overview SerVision HVG Video Gateway web interface contains multiple vulnerabilities affecting multiple firmware versions. Description CWE-288: Authentication Bypass Using an Alternate Path or Channel, andCWE-284: Improper Access Control - CVE-2015-0929By visiting time.htm, a user is issued a...