946 matches found
Camtron CMNC-200 IP Camera - Directory Traversal
The CMNC-200 IP Camera has a built-in web server that is vulnerable to directory transversal attacks, allowing access to any file on the camera file system. id: CVE-2010-4231 info: name: Camtron CMNC-200 IP Camera - Directory Traversal author: daffainfo severity: high description: The CMNC-200 IP...
CVE-2026-35902
The RTSP service of MERCURY IP camera MIPC252W 1.0.5 Build 230306 has an issue handling failed Digest authentication attempts. By repeatedly sending RTSP requests with invalid authentication parameters, an unauthenticated attacker can cause the RTSP service to enter a persistent authentication...
CVE-2026-35902
The CVE covers the RTSP service of the Mercury IP camera MIPC252W (firmware 1.0.5 Build 230306). The issue arises when handling failed Digest authentication attempts: repeatedly sending RTSP requests with invalid credentials can push the RTSP service into a persistent authentication failure state...
LSC Smart Connect Indoor IP Camera 安全漏洞
LSC Smart Connect Indoor IP Camera is a camera driver developed by LSC Smart Connect. Version 7.6.32 of the LSC Indoor Camera contains a security vulnerability. This vulnerability stems from the lack of verification of the length of the Protocol parameter within the Transport element. It may lead...
EUVD-2024-55500
A buffer overflow vulnerability in the dgiot binary in LSC Smart Indoor IP Camera V7.6.32. The flaw exists in the handling of the Time Zone TZ parameter within the ONVIF configuration interface. The time zone TZ parameter does not have its length properly validated before being copied into a...
TP-Link Systems Inc. VIGI Series IP Camera
RISK EVALUATION Successful exploitation of this vulnerability could result in unauthorized users gaining administrative access to affected closed circuit television cameras. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...
CVE-2023-31996
Hanwha IP Camera ANE-L7012R 1.41.01 is vulnerable to Command Injection due to improper sanitization of special characters for the NAS storage test function...
CVE-2023-31994
Certain Hanwha products are vulnerable to Denial of Service DoS. ck vector is: When an empty UDP packet is sent to the listening service, the service thread results in a non-functional service DoS via WS Discovery and Hanwha proprietary discovery services. This affects IP Camera ANE-L7012R 1.41.0...
CVE-2023-31995
Hanwha IP Camera ANE-L7012R 1.41.01 is vulnerable to Cross Site Scripting XSS...
CVE-2018-6479
An issue was discovered on Netwave IP Camera devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to the / URI...
CVE-2017-18377
An issue was discovered on Wireless IP Camera P2P WIFICAM cameras. There is Command Injection in the setftp.cgi script via shell metacharacters in the pwd variable, as demonstrated by a setftp.cgi?svr=192.168.1.1=21=ftp URI...
CVE-2019-25247
The CVE-2019-25247 entry applies to the Beward N100 H.264 VGA IP Camera (M2.1.6). The vulnerability is a cross-site request forgery (CSRF) that lets an attacker trigger administrative actions by deceiving a logged-in user with a malicious page (hidden form to add an admin). Root cause: lack of pr...
CVE-2019-25246
CVE-2019-25246 affects Beward N100 H.264 VGA IP Camera version M2.1.6. The issue is an authenticated file disclosure via the READ.filePath parameter, enabling access to arbitrary system files (e.g., /etc/passwd, /etc/issue) through the fileread script or SendCGICMD API. The vulnerability is explo...
CVE-2019-25247 Beward N100 H.264 VGA IP Camera M2.1.6 CSRF Add Admin Vulnerability
Beward N100 H.264 VGA IP Camera M2.1.6 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft a malicious web page with a hidden form to add an admin user by tricking a logged-in user into...
CVE-2019-25247 Beward N100 H.264 VGA IP Camera M2.1.6 CSRF Add Admin Vulnerability
Beward N100 H.264 VGA IP Camera M2.1.6 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft a malicious web page with a hidden form to add an admin user by tricking a logged-in user into...
CVE-2025-65817
LSC Smart Connect Indoor IP Camera 1.4.13 contains a RCE vulnerability in startapp.sh...
CVE-2025-65817
CVE-2025-65817 : The LSC Smart Connect Indoor IP Camera (v1.4.13) exposes a remote code execution vulnerability in the start_app.sh script. CVSS v3.1 base score 8.8 (High) with adjacent attack vector, no privileges required, no user interaction, and impacts on confidentiality, integrity, and avai...
PT-2025-52682
Name of the Vulnerable Software and Affected Versions LSC Smart Connect Indoor IP Camera version 1.4.13 Description The LSC Smart Connect Indoor IP Camera version 1.4.13 contains a remote code execution issue in the start app.sh script. Recommendations At the moment, there is no information about...
PT-2025-52721
Name of the Vulnerable Software and Affected Versions Xiongmai XM530 IP cameras version V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06 Description The GetStreamUri function exposes RTSP URIs that include hardcoded credentials, allowing unauthorized access to direct video streams. The affected devi...
Ningyuanda TC155 访问控制错误漏洞
The Ningyuanda TC155 is an IP camera from the Chinese company Ningyuanda. An access control error vulnerability exists in the Ningyuanda TC155 version 57.0.2.0, which stems from improper access control of the ONVIF Device Management Service component, which could lead to unauthorized access...