
732 matches found

Tenable Nessus
added 2026/06/17 12:0 a.m., 3 views

Bosch Security Systems IP Cameras Improper Input Validation (CVE-2023-39509)

A command injection vulnerability exists in Bosch IP cameras that allows an authenticated user with administrative rights to run arbitrary commands on the OS of the camera. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

CVSS 7.2, AI score 7.1, EPSS 0.0146
Exploits: 0, References: 2
Tenable Nessus
added 2026/06/17 12:0 a.m., 6 views

Bosch Security Systems IP Cameras Remote Code Execution (CVE-2018-19036)

An issue was discovered in several Bosch IP cameras running firmware 6.32 and higher. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface. This plugin only works with Tenable.ot. Please visit...

CVSS 10, AI score 8.8, EPSS 0.02389
Exploits: 0, References: 2
Tenable Nessus
added 2026/06/17 12:0 a.m., 3 views

Bosch Security Systems IP Cameras Uncontrolled Resource Consumption (CVE-2021-23852)

An authenticated attacker with administrator rights on Bosch IP cameras can call a URL with an invalid parameter that causes the camera to become unresponsive for a few seconds and cause a Denial of Service (DoS). This plugin only works with Tenable.ot. Please visit...

CVSS 4.9, AI score 5.3, EPSS 0.00825
Exploits: 0, References: 2
Tenable Nessus
added 2026/06/17 12:0 a.m., 4 views

Bosch Security Systems IP Cameras Cross-site Scripting (CVE-2021-23848)

An error in the URL handler of Bosch IP cameras may lead to a reflected cross-site scripting (XSS) in the web-based interface. An attacker with knowledge of the camera address can send a crafted link to a user, which will execute JavaScript code in the context of the user. This plugin only works with...

CVSS 8.3, AI score 6.2, EPSS 0.00554
Exploits: 0, References: 2
Tenable Nessus
added 2026/06/17 12:0 a.m., 5 views

Bosch Security Systems IP Cameras Cross-Site Request Forgery (CVE-2021-23849)

A vulnerability in the web-based interface allows an unauthenticated remote attacker to trigger actions on an affected system on behalf of another user (CSRF - Cross Site Request Forgery). This requires the victim to be tricked into clicking a malicious link or opening a malicious website while bei...

CVSS 8.8, AI score 7.9, EPSS 0.00483
Exploits: 0, References: 2
Tenable Nessus
added 2026/06/17 12:0 a.m., 8 views

Bosch Security Systems IP Cameras Improper Input Validation (CVE-2021-23853)

In Bosch IP cameras, improper validation of the HTTP header allows an attacker to inject arbitrary HTTP headers through crafted URLs. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

CVSS 9.8, AI score 8.5, EPSS 0.00856
Exploits: 0, References: 2
Tenable Nessus
added 2026/06/17 12:0 a.m., 7 views

Bosch Security Systems IP Cameras Reflected Cross-site Scripting (CVE-2021-23854)

An error in the handling of a page parameter in Bosch IP cameras may lead to a reflected cross-site scripting (XSS) in the web-based interface. This issue only affects versions 7.7x and 7.6x. All other versions are not affected. This plugin only works with Tenable.ot. Please visit...

CVSS 8.3, AI score 5.6, EPSS 0.00554
Exploits: 0, References: 2
Tenable Nessus
added 2026/06/17 12:0 a.m., 5 views

Bosch Security Systems IP Cameras Improper Access Control (CVE-2022-41677)

An information disclosure vulnerability was discovered in Bosch IP camera devices allowing an unauthenticated attacker to retrieve information like capabilities about the device itself and network settings of the device, disclosing possibly internal network settings if the device is connected to...

CVSS 5.3, AI score 5.8, EPSS 0.00498
Exploits: 0, References: 2
Tenable Nessus
added 2026/03/03 12:0 a.m., 4 views

Sony IP Cameras Cross-Site Request Forgery (CVE-2013-3539)

Cross-site request forgery (CSRF) vulnerability in the command/user.cgi in Sony SNC CH140, SNC CH180, SNC CH240, SNC CH280, SNC DH140, SNC DH140T, SNC DH180, SNC DH240, SNC DH240T, SNC DH280, and possibly other camera models allows remote attackers to hijack the authentication of administrators for...

CVSS 6.8, AI score 6, EPSS 0.06302
Exploits: 3, References: 2
Packet Storm
added 2026/02/06 12:0 a.m., 214 views

Xiongmai XM530 ONVIF / RTSP Security Scanner

This project is a unified PHP-based security scanner designed to identify critical vulnerabilities in IP cameras, with a primary focus on ONVIF authentication bypass (CVE-2025-65856) and unauthenticated RTSP stream exposure. The tool provides a single-file web interface that allows scanning a singl...

CVSS 9.8, AI score 5.6, EPSS 0.00849
Exploits: 4
Vulnrichment
added 2026/01/12 6:44 a.m., 4 views

CVE-2026-0855 Merit LILIN|IP Camera - OS Command Injection

Certain IP Camera models developed by Merit LILIN have an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device...

CVSS 8.8, AI score 7.3, EPSS 0.01081
Exploits: 0, References: 2
RedhatCVE
added 2026/01/09 11:6 a.m., 6 views

CVE-2016-2356

Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password...

CVSS 9.8, AI score 7.7, EPSS 0.03206
Exploits: 1, References: 1
RedhatCVE
added 2026/01/09 11:4 a.m., 3 views

CVE-2016-2359

Milesight IP security cameras through 2016-11-14 allow remote attackers to bypass authentication and access a protected resource by simultaneously making a request for the unprotected vb.htm resource...

CVSS 9.8, AI score 7.5, EPSS 0.03098
Exploits: 1, References: 1
RedhatCVE
added 2026/01/09 11:4 a.m., 4 views

CVE-2016-2360

Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers' installations...

CVSS 9.8, AI score 7.2, EPSS 0.02064
Exploits: 1, References: 1
Packet Storm News
added 2026/01/02 12:0 a.m., 4 views

Vatilon-based IP Cameras Authentication Bypass / Credential Exposure

Vatilon-based IP camera firmware contains an authentication bypass and plaintext credential exposure vulnerability in the /cgi-bin/web.cgi API. The web interface processes requests containing username and password parameters in plaintext without validating authentication state or session context,...

AI score 7.1, EPSS 0.00271
Exploits: 2
OSV
added 2025/12/22 10:16 p.m., 5 views

CVE-2025-65857

An issue was discovered in Xiongmai XM530 IP cameras on firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06. The GetStreamUri exposes RTSP URIs containing hardcoded credentials enabling direct unauthorized video stream access...

CVSS 7.5, AI score 5.8, EPSS 0.00448
Exploits: 3, References: 3
VulnCheck KEV
added 2025/12/08 12:0 a.m., 7 views

VulnCheck KEV: CVE-2018-10661

An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control...

CVSS 10, AI score 5.8, EPSS 0.86682
In wild, Exploits: 4, References: 2
OSV
added 2025/10/23 2:15 p.m., 3 views

CVE-2025-53702

Vilar VS-IPC1002 IP cameras are vulnerable to DoS (Denial-of-Service) attacks. An unauthenticated attacker on the same local network might send a crafted request to the /cgi-bin/action endpoint and render the device completely unresponsive. A manual restart of the device is required. The vendor did not...

CVSS 6.5, AI score 5.8, EPSS 0.00209
Exploits: 0, References: 1
NVD
added 2025/10/23 2:15 p.m., 15 views

CVE-2025-53702

Vilar VS-IPC1002 IP cameras are vulnerable to DoS (Denial-of-Service) attacks. An unauthenticated attacker on the same local network might send a crafted request to the /cgi-bin/action endpoint and render the device completely unresponsive. A manual restart of the device is required. The vendor did not...

CVSS 7.1, EPSS 0.00209
Exploits: 0, References: 1
EUVD
added 2025/10/23 1:39 p.m., 3 views

EUVD-2025-35685

Vilar VS-IPC1002 IP cameras are vulnerable to Reflected XSS (Cross-site Scripting) attacks, because parameters in GET requests sent to the /cgi-bin/action endpoint are not sanitized properly, making it possible to target logged-in admin users. The vendor did not respond in any way. Only version 1.1.0.1...

CVSS 4.8, AI score 5.8, EPSS 0.00198
Exploits: 0, References: 2