185 matches found
EUVD-2020-7729
Malware in sbrugna...
EUVD-2018-6656
Malware in sbrugna...
EUVD-2018-10797
Malware in sbrugna...
EUVD-2017-3127
Malware in sbrugna...
EUVD-2017-17189
Malware in sbrugna...
EUVD-2023-56341
Malicious code in bioql PyPI...
EUVD-2023-56337
Malicious code in bioql PyPI...
EUVD-2025-23188
Malicious code in bioql PyPI...
EUVD-2022-52417
Malicious code in bioql PyPI...
CVE-2025-50777
The firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera version V1.00.02 contains an Incorrect Access Control vulnerability that allows local attackers to gain root shell access. Once accessed, the device exposes critical data including Wi-Fi credentials and ONVIF service...
CVE-2025-50777
The firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera version V1.00.02 contains an Incorrect Access Control vulnerability that allows local attackers to gain root shell access. Once accessed, the device exposes critical data including Wi-Fi credentials and ONVIF service...
Critical Dahua Camera Flaws Enable Remote Hijack via ONVIF and File Upload Exploits
Cybersecurity researchers have disclosed now-patched critical security flaws in the firmware of Dahua smart cameras that, if left unaddressed, could allow attackers to hijack control of susceptible devices. "The flaws, affecting the device's ONVIF protocol and file upload handlers, allow...
PT-2025-31430 · Aziot · Aziot 2Mp Full Hd Smart Wi-Fi Cctv Home Security Camera
Name of the Vulnerable Software and Affected Versions: AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera version V1.00.02 Description: The firmware contains an Incorrect Access Control vulnerability that allows local attackers to gain root shell access. Successful exploitation exposes...
CVE-2022-30563
When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging in through ONVIF, he can log in to the device by replaying the user's login packet...
CVE-2017-14743
Faleemi FSC-880 00.01.01.0048P2 devices allow unauthenticated SQL injection via the Username element in an XML document to /onvif/deviceservice, as demonstrated by reading the admin password...
(Pwn2Own) Synology TC500 ONVIF Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology TC500 cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the ONVIF protocol. The issue results from the la...
Dahua ASI7213X-T1 Authentication Bypass By Capture-Replay (CVE-2022-30563)
When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging in through ONVIF, he can log in to the device by replaying the user's login packet. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
CVE-2023-51628
D-Link DCS-8300LHV2 ONVIF SetHostName Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DCS-8300LHV2 IP cameras. Although authentication is required to exploit this...
CVE-2023-51629
D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DCS-8300LHV2 IP cameras. Authentication is not required to exploit this vulnerability. The specific flaw...
CVE-2023-51629
D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DCS-8300LHV2 IP cameras. Authentication is not required to exploit this vulnerability. The specific flaw...