955 matches found
PT-2025-26604 · Ncr · Ncr Itm Web Terminal
Name of the Vulnerable Software and Affected Versions: NCR ITM Web terminal versions 4.4.0 through 4.4.4 Description: The issue allows a remote attacker to execute arbitrary code via a crafted script to the IP camera URL component. Recommendations: For versions 4.4.0 through 4.4.4, consider...
CVE-2024-47789
UNSUPPORTED WHEN ASSIGNED This vulnerability exists in D3D Security IP Camera D8801 due to usage of weak authentication scheme of the HTTP header protocol where authorization tag contain a Base-64 encoded username and password. A remote attacker could exploit this vulnerability by crafting a HTTP...
CVE-2024-47790
UNSUPPORTED WHEN ASSIGNED This vulnerability exists in D3D Security IP Camera D8801 due to usage of insecure Real-Time Streaming Protocol RTSP version for live video streaming. A remote attacker could exploit this vulnerability by crafting a RTSP packet leading to unauthorized access to live feed...
CVE-2024-41623
An issue in D3D Security D3D IP Camera D8801 v.V9.1.17.1.4-20180428 allows a local attacker to execute arbitrary code via a crafted payload...
CVE-2024-51362
The LSC Smart Connect Indoor IP Camera V7.6.32 is vulnerable to an information disclosure issue where live camera footage can be accessed through the RTSP protocol on port 8554 without requiring authentication. This allows unauthorized users with network access to view the camera's feed,...
CVE-2023-30354
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be inserted for console access...
CVE-2023-6118
Path Traversal: '/../filedir' vulnerability in Neutron IP Camera allows Absolute Path Traversal. This issue affects IP Camera: before b1130.1.0.1...
CVE-2023-0773
The vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device. Successful exploitation of this vulnerabili...
CVE-2023-30146
Assmann Digitus Plug IP Camera HT-IP211HDP, version 2.000.022 allows unauthenticated attackers to download a copy of the camera's settings and the administrator credentials...
CVE-2023-30353
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code execution via an XML document...
CVE-2023-30356
Missing Support for an Integrity Check in Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows attackers to update the device with crafted firmware...
CVE-2022-41677
An information disclosure vulnerability was discovered in Bosch IP camera devices allowing an unauthenticated attacker to retrieve information like capabilities about the device itself and network settings of the device, disclosing possibly internal network settings if the device is connected to...
CVE-2019-9676
Buffer overflow vulnerability found in some Dahua IP Camera devices IPC-HFW1XXX,IPC-HDW1XXX,IPC-HFW2XXX Build before 2018/11. The vulnerability exits in the function of redirection display for serial port printing information, which can not be used by product basic functions. After an attacker lo...
CVE-2017-8225
On Wireless IP Camera P2P WIFICAM devices, access to .ini files containing credentials is not correctly checked. An attacker can bypass authentication by providing an empty loginuse parameter and an empty loginpas parameter in the URI...
CVE-2019-14458
VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of service via a crafted HTTP header...
CVE-2017-8223
On Wireless IP Camera P2P WIFICAM devices, an attacker can use the RTSP server on port 10554/tcp to watch the streaming without authentication via tcp/av01 or tcp/av00...
CVE-2017-8224
Wireless IP Camera P2P WIFICAM devices have a backdoor root account that can be accessed with TELNET...
CVE-2013-4976
Hikvision DS-2CD7153-E IP Camera has security bypass via hardcoded credentials...
CVE-2017-8222
Wireless IP Camera P2P WIFICAM devices have an "Apple Production IOS Push Services" private RSA key and certificate stored in /system/www/pem/ck.pem inside the firmware, which allows attackers to obtain sensitive information...
CVE-2017-8221
Wireless IP Camera P2P WIFICAM devices rely on a cleartext UDP tunnel protocol aka the Cloud feature for communication between an Android application and a camera device, which allows remote attackers to obtain sensitive information by sniffing the network...