171 matches found
CVE-2025-68459
RG - AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. An arbitrary OS command may be executed on the product by an attacker who logs in to the CLI service...
CVE-2025-68459
RG - AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. An arbitrary OS command may be executed on the product by an attacker who logs in to the CLI service...
EUVD-2025-204038
RG - AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. An arbitrary OS command may be executed on the product by an attacker who logs in to the CLI service...
CVE-2025-68459
RG - AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. An arbitrary OS command may be executed on the product by an attacker who logs in to the CLI service...
CVE-2021-47731
Selea Targa IP OCR-ANPR Camera contains a hard-coded developer password vulnerability that allows unauthorized configuration access through an undocumented page. Attackers can exploit the hidden endpoint by using the hard-coded password 'Selea781830' to enable configuration upload and overwrite...
CVE-2021-47729
Selea Targa IP OCR-ANPR Camera contains a stored cross-site scripting vulnerability in the 'fileslist' parameter that allows attackers to inject malicious HTML and script code. Attackers can send a POST request to /cgi-bin/getfile.php with crafted payload to execute arbitrary scripts in victim's...
A week in security (November 17 – November 23)
Last week on Malwarebytes Labs: AI teddy bear for kids responds with sexual content and advice about weapons Fake calendar invites are spreading. Here’s how to remove them and prevent more Budget Samsung phones shipped with unremovable spyware, say researchers What the Flock is happening with...
What the Flock is happening with license plate readers?
You’re driving home after another marathon day of work and kid-shuttling, nursing a lukewarm coffee in a mug that's trying too hard. As you turn onto your street, something new catches your eye. It's a tall pole with a small, boxy device perched on top. But it's not a bird-house and there's no...
Examining the Security Posture of an Anti-Crime Ecosystem
Whitepaper called Examining the security posture of an Anti-Crime Ecosystem. The prevalence of anti-crime technology has seen a steep incline in the past few years. Since the introduction of cell phones, the expectation of privacy has gone steeply down. With that in mind, independent security...
Should you let Chrome store your driver’s license and passport?
Google has rolled out a new autofill feature for Chrome that goes beyond storing just your passwords, addresses, and credit card numbers. The new "enhanced autofill" can now stash your driver's license, passport details, VIN, or license plate information. Sounds convenient, right? But just becaus...
CVE-2025-12108
The Survision LPR Camera system does not enforce password protection by default. This allows access to the configuration wizard immediately without a login prompt or credentials check...
CVE-2025-12108
The CVE-2025-12108 instance affects the Survision LPR Camera system, where authentication is not enforced by default, allowing access to the configuration wizard without login credentials. Affected component: the device’s access/configuration flow (license plate recognition camera system). Impact...
CVE-2025-12108 Missing Authentication for Critical Function Survision License Plate Recognition Camera
The Survision LPR Camera system does not enforce password protection by default. This allows access to the configuration wizard immediately without a login prompt or credentials check...
CVE-2025-12108 Missing Authentication for Critical Function Survision License Plate Recognition Camera
The Survision LPR Camera system does not enforce password protection by default. This allows access to the configuration wizard immediately without a login prompt or credentials check...
Survision License Plate Recognition Camera
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to fully access the system without requiring authentication. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...
Survision LPR Camera 访问控制错误漏洞
Survision LPR Camera is a license plate recognition camera from Survision France. An access control error vulnerability exists in Survision LPR Camera that stems from password protection not being enforced by default, which could lead to unauthorized access...
CVE-2025-43027
CVE-2025-43027 affects Genetec Security Center, with a critical issue in the ALPR Manager role that could allow an attacker to gain administrative access to the system. Public descriptions cite a base score of 9.8 (CVSS v3.1) and network, unauthenticated, no-user-interaction exploitability, causi...
PT-2025-44402
Name of the Vulnerable Software and Affected Versions Genetec Security Center affected versions not specified Description A critical severity issue has been identified in the ALPR Manager role of Security Center that could allow attackers to gain administrative access to the Genetec Security Cent...
Flok License Plate Surveillance
The company Flok is surveilling us as we drive: A retired veteran named Lee Schmidt wanted to know how often Norfolk, Virginia's 176 Flock Safety automated license-plate-reader cameras were tracking him. The answer, according to a U.S. District Court lawsuit filed in September, was more than four...
EUVD-2023-25580
Malicious code in bioql PyPI...