EUVD-2025-27022

Malicious code in bioql PyPI...

EUVD-2025-27019

Malicious code in bioql PyPI...

CVE-2025-35452

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use default, shared credentials for the administrative web interface...

CVE-2025-35452

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use default, shared credentials for the administrative web interface...

CVE-2025-35451

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be...

CVE-2025-35452 Pan-Tilt-Zoom cameras default administrative credentials for web interface

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use default, shared credentials for the administrative web interface...

CVE-2025-35452

PTZOptics and ValueHD-based PTZ cameras are affected by an insufficient authentication issue affecting the administrative web interface. The vulnerability stems from default, shared credentials and weak access controls for the /cgi-bin/param.cgi path, enabling remote, unauthenticated access to se...

CVE-2025-35451 Pan-Tilt-Zoom cameras hard-coded default passwords with SSH and telnet enabled

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be...

PTZOptics多款产品 安全漏洞

PTZOptics PT12X-SE-xx-G3 and others are a camera from PTZOptics USA. A security vulnerability exists in various PTZOptics products that stems from the use of hard-coded default management credentials. The following products are affected: the PTZOptics PT20X-SE-xx-G3, PTZOptics PT12X-LINK-4K-xx, a...

PTZOptics PT12X-LINK-4K-xx 安全漏洞

The PTZOptics PT12X-LINK-4K-xx is a camera from PTZOptics, Inc. A security vulnerability exists in the PTZOptics PT12X-LINK-4K-xx that stems from the management web interface using default sharing credentials...

PTZOptics Camera Multiple Vulnrebilities (Sep 2024) - Active Check

PTZOptics Camera devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFIX = "cpe:/o:ptzoptics:"...

PTZOptics Camera Detection (HTTP)

HTTP based detection of PTZOptics Camera devices. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PTZOptics and Other Pan-Tilt-Zoom Cameras

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to leak sensitive data, execute arbitrary commands, and access the admin web interface using hard-coded credentials. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the...

CVE-2024-8957

PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntpaddr configuration value which may lead to arbitrary command execution when ntpclient is started. When chained with CVE-2024-8956, a remote and...

CVE-2024-8956

PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication issue. The camera does not properly enforce authentication to /cgi-bin/param.cgi when requests are sent without an HTTP Authorization header. The result is a remote and unauthenticated attacker can...

PTZOptics Camera Web Interface Detection

Binary data ptzopticscamerawebdetect.nbin...

PTZOptics Camera Multiple Vulnerabilities (Direct Check)

Binary data ptzopticscameraCVE-2024-8956.nbin...

PTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerability

PTZOptics PT30X-SDI/NDI cameras contain an insecure direct object reference IDOR vulnerability that allows a remote, attacker to bypass authentication for the /cgi-bin/param.cgi CGI script. If combined with CVE-2024-8957, this can lead to remote code execution as root...

PTZOptics PT30X-SDI/NDI Cameras OS Command Injection Vulnerability

PTZOptics PT30X-SDI/NDI cameras contain an OS command injection vulnerability that allows a remote, authenticated attacker to escalate privileges to root via a crafted payload with the ntpaddr parameter of the /cgi-bin/param.cgi CGI script...

CVE-2024-8957

PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntpaddr configuration value which may lead to arbitrary command execution when ntpclient is started. When chained with CVE-2024-8956, a remote and...