15 matches found
EUVD-2018-3708
Malware in sbrugna...
EUVD-2008-4361
Malware in sbrugna...
CVE-2018-11689
CVE-2018-11689 describes a cross-site scripting (XSS) vulnerability in the Web Viewer codebase used by Hanwha/DVR and Samsung Smart Viewer. The flaw is triggered via the data3 parameter in /cgi-bin/webviewer_login_page, affecting Hanwha DVR 2.17 and Samsung Web Viewer. CVSS metrics indicate netwo...
Samsung Web Viewer For Samsung DVR Cross Site Scripting
I. VULNERABILITY ------------------------- Samsung Web Viewer for Samsung DVR Reflected Cross Site Scripting XSS II. CVE REFERENCE ------------------------- CVE-2018-11689 III. REFERENCES ------------------------- https://vulmon.com/vulnerabilitydetails?qid=CVE-2018-11689 IV. CREDIT...
CVE-2013-3586
Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an arbitrary SessionID value in a cookie...
Samsung DVR Authentication Bypass
The remote Samsung DVR is prone to an Authentication Bypass. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Samsung DVR Authentication Bypass
Title: Samsung DVR authentication bypass Version affected: firmware version = 1.10 Vendor: Samsung - www.samsung-security.com Discovered by: Andrea Fabrizi Email: [email protected] Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched Samsung provides a wide range of DVR...
PT-2013-61: Disclosure of sensitive information in Web Viewer for Samsung DVR
The specialists of the Positive Research center have detected "Disclosure of sensitive information" vulnerability associated with Absence of Password Hashing in Web Viewer for Samsung DVR. Users credentials logins and passwords are stored in plaintext at pages, not hashed or encrypted. This...
PT-2013-62: Internal Network Resources Access in Web Viewer for Samsung DVR
The specialists of the Positive Research center have detected "Internal Network Resources Access" vulnerability in Web Viewer for Samsung DVR. The vulnerability allows attackers to get unauthorized access to view and control the cameras via unsafe cookies parsing. If an attacker sends the request...
Design/Logic Flaw
The web interface in Samsung DVR SHR2040 allows remote attackers to cause a denial of service crash via a malformed HTTP request, related to the filter for configuration properties and "/x" characters...
Samsung DVR SHR2040 HTTPD Remote Denial of Service DoS PoC
No description provided by source. !/usr/bin/perl -w Samsung DVR SHR2040 HTTPD Remote Denial of Service DoS PoC The vulnerability is caused due to an unspecified error in the cgis files filter used for configure propierties. This can be exploited by sending a specially crafted HTTP request NO...
Samsung DVR SHR2040 - HTTPd Remote Denial of Service Denial of Service (PoC)
Samsung DVR SHR2040 - HTTPd Remote Denial of Service Denial of Service PoC !/usr/bin/perl -w Samsung DVR SHR2040 HTTPD Remote Denial of Service DoS PoC The vulnerability is caused due to an unspecified error in the cgis files filter used for configure propierties. This can be exploited by sending...
Samsung DVR SHR2040 HTTPD Remote Denial of Service DoS PoC
Exploit for hardware platform in category dos / poc ========================================================== Samsung DVR SHR2040 HTTPD Remote Denial of Service DoS PoC ========================================================== !/usr/bin/perl -w Samsung DVR SHR2040 HTTPD Remote Denial of Service...
Samsung DVR SHR2040 - HTTPd Remote Denial of Service Denial of Service (PoC)
!/usr/bin/perl -w Samsung DVR SHR2040 HTTPD Remote Denial of Service DoS PoC The vulnerability is caused due to an unspecified error in the cgis files filter used for configure propierties. This can be exploited by sending a specially crafted HTTP request NO necessary authentication, which will...
samsung-dos.txt
!/usr/bin/perl -w Samsung DVR SHR2040 HTTPD Remote Denial of Service DoS PoC The vulnerability is caused due to an unspecified error in the cgis files filter used for configure propierties. This can be exploited by sending a specially crafted HTTP request NO necessary authentication, which will...