22 matches found
CVE-2024-2162
An OS Command Injection vulnerability in Kiloview NDI allows a low-privileged user to execute arbitrary code remotely on the device with high privileges. This issue affects Kiloview NDI N3, N3-s, N4, N20, N30, N40 and was fixed in Firmware version 2.02.0227...
CVE-2024-2161
Use of Hard-coded Credentials in Kiloview NDI allows un-authenticated users to bypass authenticationThis issue affects Kiloview NDI N3, N3-s, N4, N20, N30, N40 and was fixed in Firmware version 2.02.0227...
EUVD-2025-34057
A broken authorization vulnerability in Kiloview NDI N30 allows a remote unauthenticated attacker to deactivate user verification, giving them access to state changing actions that should only be initiated by administratorsThis issue affects Kiloview NDI N30 and was fixed in Firmware version late...
CVE-2025-9265
A broken authorization vulnerability in Kiloview NDI N30 allows a remote unauthenticated attacker to deactivate user verification, giving them access to state changing actions that should only be initiated by administratorsThis issue affects Kiloview NDI N30 and was fixed in Firmware version late...
CVE-2025-9265
Kiloview NDI N30 contains a broken authorization vulnerability that could let a remote unauthenticated attacker deactivate user verification and perform administrator actions. Affected products: Kiloview NDI N30; vulnerable component: authorization mechanism; root cause: bypass of user verificati...
PT-2025-41764
Name of the Vulnerable Software and Affected Versions Kiloview NDI N30 versions prior to 2.02.0246 Description A broken authorization allows a remote, unauthenticated attacker to disable user verification, granting access to administrative actions. This impacts Kiloview NDI N30. Recommendations...
Kiloview NDI N30 安全漏洞
Kiloview NDI N30 is a multi-channel NDI encoding and decoding device from Kiloview China. A security vulnerability exists in the Kiloview NDI N30 prior to version 2.02.0246, which stems from a flaw in the authorization mechanism that could allow an unauthenticated attacker to perform administrato...
EUVD-2024-27125
Malicious code in bioql PyPI...
EUVD-2024-27126
Malicious code in bioql PyPI...
CVE-2024-8956 PTZOptics NDI and SDI Cameras /cgi-bin/param.cgi Insufficient Authentication
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication issue. The camera does not properly enforce authentication to /cgi-bin/param.cgi when requests are sent without an HTTP Authorization header. The result is a remote and unauthenticated attacker can...
CVE-2024-8957
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntpaddr configuration value which may lead to arbitrary command execution when ntpclient is started. When chained with CVE-2024-8956, a remote and...
PTZOptics PT30X-SDI/NDI-xx 安全漏洞
PTZOptics PT30X-SDI/NDI-xx is a series of HD cameras from PTZOptics. A security vulnerability exists in PTZOptics PT30X-SDI/NDI-xx versions prior to 6.3.40, which stems from insufficient validation of the ntpaddr configuration value. An attacker could use this vulnerability to execute arbitrary...
PTZOptics PT30X-SDI/NDI-xx 安全漏洞
PTZOptics PT30X-SDI/NDI-xx is a series of HD cameras from PTZOptics. A security vulnerability exists in PTZOptics PT30X-SDI/NDI-xx versions prior to 6.3.40 that stems from insufficient authentication. An attacker exploiting this vulnerability could disclose sensitive data such as usernames,...
CVE-2024-2162
An OS Command Injection vulnerability in Kiloview NDI allows a low-privileged user to execute arbitrary code remotely on the device with high privileges. This issue affects Kiloview NDI N3, N3-s, N4, N20, N30, N40 and was fixed in Firmware version 2.02.0227...
CVE-2024-2161
Use of Hard-coded Credentials in Kiloview NDI allows un-authenticated users to bypass authenticationThis issue affects Kiloview NDI N3, N3-s, N4, N20, N30, N40 and was fixed in Firmware version 2.02.0227...
CVE-2024-2162 Authenticated Remote Code Execution in Kiloview NDI N series products
An OS Command Injection vulnerability in Kiloview NDI allows a low-privileged user to execute arbitrary code remotely on the device with high privileges. This issue affects Kiloview NDI N3, N3-s, N4, N20, N30, N40 and was fixed in Firmware version 2.02.0227...
CVE-2024-2162 Authenticated Remote Code Execution in Kiloview NDI N series products
An OS Command Injection vulnerability in Kiloview NDI allows a low-privileged user to execute arbitrary code remotely on the device with high privileges. This issue affects Kiloview NDI N3, N3-s, N4, N20, N30, N40 and was fixed in Firmware version 2.02.0227...
CVE-2024-2162
CVE-2024-2162 is an OS command injection vulnerability in Kiloview NDI devices (N3, N3-s, N4, N20, N30, N40). The issue allows a low-privileged user to remotely execute arbitrary code with high privileges. Root cause is an OS command injection path exploitable over network. Affected firmware vers...
CVE-2024-2161
The CVE-2024-2161 issue affects Kiloview NDI products including N3, N3-s, N4, N20, N30, and N40. The root cause is hard-coded credentials in the Kiloview NDI API middleware, allowing unauthenticated users to bypass authentication. Exploitation details are not provided in the documents; no in-the-...
CVE-2024-2161 Use of Hard-coded Credentials in Kiloview NDI N series products API middleware
Use of Hard-coded Credentials in Kiloview NDI allows un-authenticated users to bypass authenticationThis issue affects Kiloview NDI N3, N3-s, N4, N20, N30, N40 and was fixed in Firmware version 2.02.0227...