Lucene search
K

95 matches found

CVE
CVE
added 2019/08/06 10:24 p.m.62 views

CVE-2019-14703

CVE-2019-14703 describes a cross-site request forgery (CSRF) vulnerability in MicroDigital N-series cameras. The issue occurs in HTTPD via the path webparam?user&action=set&param=add, which can be abused to create an admin account. Public details consistently reference firmware up to 6400.0.8.5 a...

8.8CVSS8.5AI score0.0072EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2019/08/06 10:24 p.m.17 views

CVE-2019-14704

An SSRF issue was discovered in HTTPD on MicroDigital N-series cameras with firmware through 6400.0.8.5 via FTP commands following a newline character in the uploadfile field...

9.6AI score0.01928EPSS
Exploits0References3
CVE
CVE
added 2019/08/06 10:24 p.m.62 views

CVE-2019-14704

CVE-2019-14704 describes an SSRF vulnerability in the HTTPD component of MicroDigital N-series cameras (firmware up to 6400.0.8.5). The issue occurs when FTP uploadfile field data contains a newline character, allowing HTTPD to be triggered via crafted FTP commands. Reported impact is high: CVSS ...

9.8CVSS9.4AI score0.01928EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2019/08/06 10:24 p.m.64 views

CVE-2019-14705

CVE-2019-14705 affects MicroDigital N-series cameras up to firmware 6400.0.8.5. The issue is an incorrect access control that lets an attacker perform admin actions using any valid cookie, effectively bypassing authentication. Documented CVSSv3 base score is 7.2 (HIGH) with network attack vector ...

7.2CVSS7AI score0.0155EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2019/08/06 10:24 p.m.21 views

CVE-2019-14705

An Incorrect Access Control issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5 because any valid cookie can be used to make requests as an admin...

7AI score0.0155EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/08/06 10:23 p.m.19 views

CVE-2019-14706

A denial of service issue in HTTPD was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker without authorization can upload a file to upload.php with a filename longer than 256 bytes. This will be placed in the updownload area. It will not be deleted, because...

7.8AI score0.02087EPSS
Exploits0References3
CVE
CVE
added 2019/08/06 10:23 p.m.66 views

CVE-2019-14706

The CVE-2019-14706 entry concerns MicroDigital N-series IP cameras running firmware up to 6400.0.8.5. The vulnerability is a denial-of-service caused by an unauthenticated attacker uploading a file to upload.php with a filename longer than 256 bytes; the file is placed in the updownload area and ...

7.5CVSS7.7AI score0.02087EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2019/08/06 10:23 p.m.66 views

CVE-2019-14707

CVE-2019-14707 affects MicroDigital N-series cameras (firmware up to 6400.0.8.5). The issue is in the firmware update process, which is insecure and permits remote code execution when an attacker supplies arbitrary firmware in a .dat file via the URI webparam?system&action=set&upgrade. The availa...

7.2CVSS7.3AI score0.03014EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2019/08/06 10:23 p.m.20 views

CVE-2019-14707

An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. The firmware update process is insecure, leading to remote code execution. The attacker can provide arbitrary firmware in a .dat file via a webparam?system&action=set&upgrade URI...

7.4AI score0.03014EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/08/06 10:21 p.m.18 views

CVE-2019-14708

An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. A buffer overflow in the action parameter leads to remote code execution in the context of the nobody account...

10AI score0.04463EPSS
Exploits0References3
CVE
CVE
added 2019/08/06 10:21 p.m.69 views

CVE-2019-14708

CVE-2019-14708 affects MicroDigital N-series cameras up to firmware 6400.0.8.5. The issue is a buffer overflow in the action parameter, which can lead to remote code execution in the context of the nobody account. The available connected documents confirm the vulnerability description but do not ...

9.8CVSS9.9AI score0.04463EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2019/08/06 10:21 p.m.17 views

CVE-2019-14709

A cleartext password storage issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. The file in question is /usr/local/ipsca/mipsca.db. If a camera is compromised, the attacker can gain access to passwords and abuse them to compromise further systems...

9.5AI score0.01776EPSS
Exploits0References3
CVE
CVE
added 2019/08/06 10:21 p.m.70 views

CVE-2019-14709

CVE-2019-14709 affects MicroDigital N-series cameras up to firmware 6400.0.8.5. The vulnerability is a cleartext password storage issue in the file "/usr/local/ipsca/mipsca.db". If a camera is compromised, an attacker can access passwords and potentially abuse them to compromise additional system...

9.8CVSS9.3AI score0.01776EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2019/08/06 12:0 a.m.2 views

MicroDigital N-series cameras trust management issue vulnerability

MICRODIGITAL N-series cameras is a N-series network camera from MICRODIGITAL in Korea. A trust management issue vulnerability exists in the /usr/local/ipsca/mipsca.db file in MicroDigital N-series cameras using firmware version 6400.0.8.5 and earlier, which can be exploited by an attacker to gain...

9.8CVSS7AI score0.01776EPSS
Exploits0References1
Metasploit
Metasploit
added 2012/05/15 1:3 p.m.150 views

CCTV DVR Login Scanning Utility

This module tests for standalone CCTV DVR video surveillance deployments specifically by MicroDigital, HIVISION, CTRing, and numerous other rebranded devices that are utilizing default vendor passwords. Additionally, this module has the ability to brute force user accounts. Such CCTV DVR video...

7.7AI score
Exploits0
Rows per page
Query Builder