PT-2026-34337

My last CVE-2026-31077 of China PTZ camera lead to RCE + RTSP video stream over LAN network. The camera uses the app named “CareCamPro” with +1m downloads on Play Store https://t.co/S0T5XS8udh...

Honeywell多款产品 访问控制错误漏洞

Honeywell I-HIB2PI-UL 2MP, etc., are products of the American company Honeywell. The Honeywell I-HIB2PI-UL 2MP is an infrared dome camera. The Honeywell SMB NDAA MVO-3 is an infrared gimbal camera. The Honeywell PTZ WDR 2MP 32M is a series of night vision cameras. Several Honeywell products have...

CVE-2025-14749

A vulnerability was identified in Ningyuanda TC155 57.0.2.0. This impacts an unknown function of the file /onvif/deviceservice of the component ONVIF PTZ Control Interface. The manipulation leads to improper access controls. The attack requires being on the local network. The exploit is publicly...

CVE-2025-14749 Ningyuanda TC155 ONVIF PTZ Control device_service access control

A vulnerability was identified in Ningyuanda TC155 57.0.2.0. This impacts an unknown function of the file /onvif/deviceservice of the component ONVIF PTZ Control Interface. The manipulation leads to improper access controls. The attack requires being on the local network. The exploit is publicly...

CVE-2025-14749

CVE-2025-14749 affects Ningyuanda TC155, version 57.0.2.0, specifically the ONVIF PTZ Control Interface component via the file /onvif/device_service. Root cause: improper access controls leading to unauthorized access. Attack requires local network access; exploit is publicly available. Implicati...

EUVD-2018-19539

Malware in sbrugna...

EUVD-2018-19540

Malware in sbrugna...

EUVD-2025-7219

Malicious code in bioql PyPI...

CVE-2018-7828

A Cross-Site Request Forgery CSRF vulnerability exists in the 1st Gen. Pelco Sarix Enhanced Camera and Spectra Enhanced PTZ Camera when an authenticated user clicks a specially crafted malicious link while logged into the camera...

CVE-2025-25680

LSC Smart Connect LSC Indoor PTZ Camera 7.6.32 is contains a RCE vulnerability in the tuyaipcdirectconnect function of the anykaipc process. The vulnerability allows arbitrary code execution through the Wi-Fi configuration process when a specially crafted QR code is presented to the camera...

CVE-2025-25680

LSC Smart Connect LSC Indoor PTZ Camera 7.6.32 is contains a RCE vulnerability in the tuyaipcdirectconnect function of the anykaipc process. The vulnerability allows arbitrary code execution through the Wi-Fi configuration process when a specially crafted QR code is presented to the camera...

CVE-2025-25680

LSC Smart Connect LSC Indoor PTZ Camera 7.6.32 is contains a RCE vulnerability in the tuyaipcdirectconnect function of the anykaipc process. The vulnerability allows arbitrary code execution through the Wi-Fi configuration process when a specially crafted QR code is presented to the camera...

CVE-2024-8957

PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntpaddr configuration value which may lead to arbitrary command execution when ntpclient is started. When chained with CVE-2024-8956, a remote and...

Dahua Security Cameras Weak Password Recovery Mechanism for Forgotten Password (CVE-2017-9315)

Customer of Dahua IP camera or IP PTZ could submit relevant device information to receive a time limited temporary password from Dahua authorized dealer to reset the admin password. The algorithm used in this mechanism is potentially at risk of being compromised and subsequently utilized by...

JVN#83655695: Multiple Dahua Technology products vulnerable to authentication bypass

Multiple products provided by Dahua Technology contain an authentication bypass vulnerability CWE-287. Impact The product's identity verification may be bypassed if a remote attacker sends specially crafted data packets. Solution Update the software Update the software to the latest version...

CVE-2023-0954

A debug feature in Sensormatic Electronics Illustra Pro Gen 4 Dome and PTZ cameras allows a user to compromise credentials after a long period of sustained attack...

Design/Logic Flaw

A debug feature in Sensormatic Electronics Illustra Pro Gen 4 Dome and PTZ cameras allows a user to compromise credentials after a long period of sustained attack...

CVE-2023-0954

The CVE-2023-0954 vulnerability affects Sensormatic Electronics Illustra Pro Gen 4 Dome and PTZ cameras (Dome up to Illustra.SS016.05.09.04.0006; PTZ up to Illustra.SS010.05.09.04.0022). A debug feature is improperly enabled on some devices, enabling credential compromise after a long period of s...

Exploit for Missing Authentication for Critical Function in Ic Realtime_Icip-P2012T_Firmware

CVE-2023-31594 IC Realtime ICIP-P2012T is vulnerable to Incorr...

CVE-2022-30621 Cellinx NVT – IP PTZ Camera local file inclusion

Allows a remote user to read files on the camera's OS "GetFileContent.cgi". Reading arbitrary files on the camera's OS as root user...