Lucene search
K

6 matches found

ATTACKERKB
ATTACKERKB
added 2025/07/01 3:15 p.m.8 views

CVE-2025-34066

An improper certificate validation vulnerability exists in AVTECH IP cameras, DVRs, and NVRs due to the use of wget with --no-check-certificate in scripts like SyncCloudAccount.sh and SyncPermit.sh. This exposes HTTPS communications to man-in-the-middle MITM attacks...

8.3CVSS5.9AI score0.00269EPSS
Exploits0References4
NVD
NVD
added 2023/11/15 12:15 a.m.19 views

CVE-2023-46121

yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...

5CVSS0.00318EPSS
Exploits0References3
Prion
Prion
added 2023/11/15 12:15 a.m.17 views

Design/Logic Flaw

yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...

2.6CVSS7AI score0.00318EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/14 11:31 p.m.22 views

CVE-2023-46121 Generic Extractor MITM Vulnerability in yt-dlp

yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...

5CVSS6.8AI score0.00318EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2023/11/14 11:31 p.m.21 views

CVE-2023-46121

yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie...

5CVSS5.1AI score0.00318EPSS
Exploits0
CNVD
CNVD
added 2016/10/12 12:0 a.m.3 views

HTTPS Protocol Certificate Validation Vulnerability in AVTECH Devices

AVTECH, founded in 1996, is one of the world's leading CCTV manufacturers. The main products are surveillance equipment, network cameras, network video recorders and so on. AVTECH devices are vulnerable to HTTPS protocol certificate validation vulnerability. SyncCloudAccount.sh, QueryFromClient.s...

6.9AI score
Exploits0References1
Rows per page
Query Builder