CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2022/07/19 8:15 p.m.•2 views

CVE-2022-34537

Digital Watchdog DW MEGApix IP cameras A7.2.220211029 was discovered to contain a cross-site scripting XSS vulnerability via the component biaoneshot.cgi...

5.4CVSS5.7AI score

OSV•added 2022/07/19 8:15 p.m.•4 views

CVE-2022-34536

Digital Watchdog DW MEGApix IP cameras A7.2.220211029 allows attackers to access the core log file and perform session hijacking via a crafted session token...

7.5CVSS5.8AI score0.00586EPSS

NVD•added 2022/07/19 8:15 p.m.•12 views

CVE-2022-34536

Digital Watchdog DW MEGApix IP cameras A7.2.220211029 allows attackers to access the core log file and perform session hijacking via a crafted session token...

7.5CVSS0.00586EPSS

NVD•added 2022/07/19 8:15 p.m.•16 views

CVE-2022-34539

Digital Watchdog DW MEGApix IP cameras A7.2.220211029 was discovered to contain a command injection vulnerability in the component /admin/curltest.cgi. This vulnerability is exploitable via a crafted POST request...

8.8CVSS0.01173EPSS

7.5CVSS5.8AI score0.00658EPSS

CVE-2022-34535

Digital Watchdog DW MEGApix IP cameras A7.2.220211029 allows unauthenticated attackers to view internal paths and scripts via web files...

OSV•added 2022/07/19 8:15 p.m.•2 views

CVE-2022-34535

Digital Watchdog DW MEGApix IP cameras A7.2.220211029 allows unauthenticated attackers to view internal paths and scripts via web files...

7.5CVSS7.1AI score0.00658EPSS

OSV•added 2022/07/19 8:15 p.m.•2 views

CVE-2022-34539

8.8CVSS7.3AI score0.01173EPSS

5.4CVSS5.5AI score0.00369EPSS

CVE-2022-34537

Digital Watchdog DW MEGApix IP cameras A7.2.220211029 was discovered to contain a cross-site scripting XSS vulnerability via the component biaoneshot.cgi...

8.8CVSS5.9AI score0.01173EPSS

CVE-2022-34540

Digital Watchdog DW MEGApix IP cameras A7.2.220211029 was discovered to contain a command injection vulnerability in the component /admin/vca/license/licensetok.cgi. This vulnerability is exploitable via a crafted POST request...

OSV•added 2022/07/19 8:15 p.m.•3 views

CVE-2022-34540

8.8CVSS5.8AI score0.01173EPSS

8.8CVSS5.8AI score0.01173EPSS

CVE-2022-34539

ATTACKERKB•added 2022/07/19 8:15 p.m.•3 views

CVE-2022-34536

Digital Watchdog DW MEGApix IP cameras A7.2.220211029 allows attackers to access the core log file and perform session hijacking via a crafted session token...

7.5CVSS5.8AI score0.00586EPSS

OSV•added 2022/07/19 8:15 p.m.•3 views

CVE-2022-34538

8.8CVSS7.3AI score0.02729EPSS

CVE•added 2022/07/19 7:4 p.m.•56 views

CVE-2022-34539

CVE-2022-34539 affects Digital Watchdog DW MEGApix IP cameras (version A7.2.2_20211029). The flaw is in the /admin/curltest.cgi component and is exploitable via a crafted POST request, enabling command injection. Public documents corroborate a high-severity impact (CVSSv3.1: 8.8; Network vector, ...

8.8CVSS8.7AI score0.01173EPSS

Cvelist•added 2022/07/19 7:3 p.m.•15 views

CVE-2022-34540

9AI score0.01173EPSS

CVE•added 2022/07/19 7:3 p.m.•61 views

CVE-2022-34540

CVE-2022-34540 affects Digital Watchdog DW MEGApix IP cameras (version A7.2.2_20211029). The vulnerable component is /admin/vca/license/license_tok.cgi, with a command-injection flaw exploitable via a crafted POST request. Affected product behavior and impact are described in multiple sources; PT...

8.8CVSS8.7AI score0.01173EPSS

CVE•added 2022/07/19 7:3 p.m.•54 views

CVE-2022-34537

The CVE-2022-34537 entry concerns Digital Watchdog DW MEGApix IP cameras with firmware version A7.2.2_20211029, where a cross-site scripting (XSS) vulnerability exists in the bia_oneshot.cgi component. According to the provided data, the vulnerability is exploitable over network, has low privileg...

5.4CVSS5.3AI score0.00369EPSS

CVE•added 2022/07/19 7:3 p.m.•81 views

CVE-2022-34535

Affected product: Digital Watchdog DW MEGApix IP cameras (firmware A7.2.2_20211029). Issue: Unauthenticated access allows viewing internal paths and scripts via web files. Impact: Confidentiality impact described as high in CVSS, with no information on exploitation details from the provided sourc...

7.5CVSS7.5AI score0.00658EPSS

CNNVD•added 2022/07/19 12:0 a.m.•4 views

Digital Watchdog DW MEGApix IP 操作系统命令注入漏洞

Digital Watchdog DW MEGApix IP is a camera from Digital Watchdog USA. An operating system command injection vulnerability exists in Digital Watchdog DW MEGApix IP cameras version A7.2.220211029, which originates from a command injection contained in the component /admin/vca/license/licensetok.cgi...

8.8CVSS7.9AI score0.01173EPSS