952 matches found
EUVD-2025-11900
Malicious code in bioql PyPI...
EUVD-2024-42689
Malicious code in bioql PyPI...
EUVD-2023-34772
Malicious code in bioql PyPI...
EUVD-2023-34774
Malicious code in bioql PyPI...
EUVD-2023-12790
Malicious code in bioql PyPI...
EUVD-2023-36284
Malicious code in bioql PyPI...
EUVD-2024-35743
Malicious code in bioql PyPI...
TRENDnet TV-IP110WN 安全漏洞
The TRENDnet TV-IP110WN is a wireless webcam from Trendnet, Inc. A security vulnerability exists in TRENDnet TV-IP110WN version 1.2.2, which stems from a least privilege violation in the file /server/boa.conf...
The vulnerability of the /vb.htm component in the wireless IP camera software of D-Link DCS-6010L allows a attacker to execute XSS attacks.
The vulnerability of the /vb.htm component in the microprogramming software of the D-Link DCS-6010L wireless IP camera is related to the lack of measures taken to protect the website structure when processing the paratest parameter. Exploiting this vulnerability allows a malicious actor to carry...
CVE-2025-7503
An OEM IP camera manufactured by Shenzhen Liandian Communication Technology LTD exposes a Telnet service port 23 with undocumented, default credentials. The Telnet service is enabled by default and is not disclosed or configurable via the device’s web interface or user manual. An attacker with...
CVE-2025-7503
An OEM IP camera manufactured by Shenzhen Liandian Communication Technology LTD exposes a Telnet service port 23 with undocumented, default credentials. The Telnet service is enabled by default and is not disclosed or configurable via the device’s web interface or user manual. An attacker with...
CVE-2025-7503
An OEM IP camera manufactured by Shenzhen Liandian Communication Technology LTD exposes a Telnet service port 23 with undocumented, default credentials. The Telnet service is enabled by default and is not disclosed or configurable via the device’s web interface or user manual. An attacker with...
CVE-2025-7503
CVE-2025-7503 affects Shenzhen Liandian OEM IP camera (AppFHE1_V1.0.6.0) where a Telnet service (port 23) is enabled by default and protected by undocumented, hard-coded credentials. A root-level shell can be obtained over the network, enabling remote code execution and privilege escalation. The ...
CVE-2025-7503
An OEM IP camera manufactured by Shenzhen Liandian Communication Technology LTD exposes a Telnet service port 23 with undocumented, default credentials. The Telnet service is enabled by default and is not disclosed or configurable via the device’s web interface or user manual. An attacker with...
PT-2025-29277
Name of the Vulnerable Software and Affected Versions: Shenzhen Liandian Communication Technology LTD OEM IP Camera version AppFHE1 V1.0.6.0 Description: An OEM IP camera manufactured by Shenzhen Liandian Communication Technology LTD exposes a Telnet service port 23 with undocumented, default...
The vulnerability of the web interface of IP camera software and digital/netscreen video recorders from Avtech allows a intruder to perform a CSRF attack.
The vulnerability of the web interface of IP camera software and digital/netscreen recorders from Avtech relates to the manipulation of cross-site requests. Exploiting this vulnerability allows a remote attacker to execute a CSRF attack...
CVE-2025-34056
An OS command injection vulnerability exists in AVTECH IP camera, DVR, and NVR devices via the PwdGrp.cgi endpoint, which handles user and group management operations. Authenticated users can supply input through the pwd or grp parameters, which are directly embedded into system commands without...
CVE-2025-34053
An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr function is used to identify ".cab" requests, allowing any URL containing ".cab" to bypass authentication and access protected endpoints...
CVE-2025-34066 AVTECH IP camera, DVR, and NVR Devices Unauthenticated Information Disclosure
An improper certificate validation vulnerability exists in AVTECH IP cameras, DVRs, and NVRs due to the use of wget with --no-check-certificate in scripts like SyncCloudAccount.sh and SyncPermit.sh. This exposes HTTPS communications to man-in-the-middle MITM attacks...
CVE-2025-34056
CVE-2025-34056 affects AVTECH IP camera, DVR, and NVR devices. The vulnerability is an OS command injection in the PwdGrp.cgi endpoint that manages users/groups. Authenticated users can pass input via the pwd or grp parameters, which are embedded into system commands without proper sanitization, ...