Lucene search
K

4 matches found

Packet Storm
Packet Storm
added 2018/01/11 12:0 a.m.66 views

Samsung SRN-1670D Web Viewer 1.0.0.193 Arbitrary File Read / Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'digest' class MetasploitModule 'Samsung SRN-1670D Web Viewer Version 1.0.0.193 Arbitrary File Read and Upload', 'Description' = %q This module exploits an...

6.5CVSS8.6AI score0.51379EPSS
Exploits7
ATTACKERKB
ATTACKERKB
added 2017/11/06 12:0 a.m.19 views

Samsung SRN-1670D Web Viewer Version 1.0.0.193 Arbitrary File Read and Upload

Samsung NVR Recorder SRN-1670D is a high performance network video recorder. An arbitrary file upload vulnerability was found in the Web Viewer component, which could allow an authenticated user to upload a PHP payload to get code execution. Recent assessments: jvazquez-r7 at September 12, 2019...

8.8CVSS0.8AI score0.51379EPSS
Exploits7References4
Prion
Prion
added 2017/09/11 9:29 a.m.16 views

Design/Logic Flaw

On Samsung NVR devices, remote attackers can read the MD5 password hash of the 'admin' account via certain szUserName JSON data to cgi-bin/main-cgi, and login to the device with that hash in the szUserPasswd parameter...

9.3CVSS8AI score0.04426EPSS
Exploits0References1
CVE
CVE
added 2017/09/11 9:0 a.m.44 views

CVE-2017-14262

CVE-2017-14262 affects Samsung NVR devices. Remote attackers can read the MD5 hash of the admin password via szUserName JSON data sent to cgi-bin/main-cgi and then use that hash in szUserPasswd to log in. The vulnerability is network-exposed with high impact (confidentiality/integrity/availabilit...

9.3CVSS8AI score0.04426EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder