CVE-2025-12463

An unauthenticated SQL Injection was discovered within the Geutebruck G-Cam E-Series Cameras through the Group parameter in the /uapi-cgi/viewer/Param.cgi script. This has been confirmed on the EFD-2130 camera running firmware version 1.12.0.19...

CVE-2025-12463

An unauthenticated SQL Injection was discovered within the Geutebruck G-Cam E-Series Cameras through the Group parameter in the /uapi-cgi/viewer/Param.cgi script. This has been confirmed on the EFD-2130 camera running firmware version 1.12.0.19...

EUVD-2025-37502

An unauthenticated SQL Injection was discovered within the Geutebruck G-Cam E-Series Cameras through the Group parameter in the /uapi-cgi/viewer/Param.cgi script. This has been confirmed on the EFD-2130 camera running firmware version 1.12.0.19...

CVE-2025-12463 Unauthenticated SQL Injection in Guetebruck G-Cam Series Cameras

An unauthenticated SQL Injection was discovered within the Geutebruck G-Cam E-Series Cameras through the Group parameter in the /uapi-cgi/viewer/Param.cgi script. This has been confirmed on the EFD-2130 camera running firmware version 1.12.0.19...

CVE-2025-12463

Geutebruck G-Cam E-Series Cameras are affected by an unauthenticated SQL Injection via the Group parameter in /uapi-cgi/viewer/Param.cgi. The issue has been confirmed on the EFD-2130 with firmware 1.12.0.19. The root cause is insufficient validation of the Group parameter, enabling arbitrary SQL ...

CVE-2025-12463 Unauthenticated SQL Injection in Guetebruck G-Cam Series Cameras

An unauthenticated SQL Injection was discovered within the Geutebruck G-Cam E-Series Cameras through the Group parameter in the /uapi-cgi/viewer/Param.cgi script. This has been confirmed on the EFD-2130 camera running firmware version 1.12.0.19...

PT-2025-44788

Name of the Vulnerable Software and Affected Versions Geutebruck G-Cam E-Series Cameras version 1.12.0.19 Description An unauthenticated SQL Injection exists within the Geutebruck G-Cam E-Series Cameras. The issue is located in the /uapi-cgi/viewer/Param.cgi script through the Group parameter...

CVE-2024-8956

PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication issue. The camera does not properly enforce authentication to /cgi-bin/param.cgi when requests are sent without an HTTP Authorization header. The result is a remote and unauthenticated attacker can...

VulnCheck KEV: CVE-2024-8957

PTZOptics PT30X-SDI/NDI cameras contain an OS command injection vulnerability that allows a remote, authenticated attacker to escalate privileges to root via a crafted payload with the ntpaddr parameter of the /cgi-bin/param.cgi CGI script...

PT-2024-7556 · Ptzoptics · Ptzoptics Pt30X-Sdi/Ndi Cameras

Name of the Vulnerable Software and Affected Versions: PTZOptics PT30X-SDI/NDI Cameras versions prior to firmware 6.3.40 Description: The issue is related to an OS command injection problem. The camera does not sufficiently validate the ntp addr configuration value, which may lead to arbitrary...

Design/Logic Flaw

SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow remote authenticated users to reset arbitrary accounts via a request to web/cgi-bin/hi3510/param.cgi...

CVE-2018-12669

SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow remote authenticated users to reset arbitrary accounts via a request to web/cgi-bin/hi3510/param.cgi...