14 matches found
CVE-2018-12258
An issue was discovered on Momentum Axel 720P 5.1.8 devices. Custom Firmware Upgrade is possible via an SD Card. With physical access, an attacker can upgrade the firmware in under 60 seconds by inserting an SD card containing the firmware with name 'ezviz.dav' and rebooting...
CVE-2019-12919
On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices, an attacker on the local network has unauthenticated access to the internal SD card via the HTTP service on port 8000. The HTTP web server on the camera allows anyone to view or download the video archive recorded and saved o...
EUVD-2019-7145
Malware in sbrugna...
EUVD-2021-30980
Malicious code in bioql PyPI...
PT-2025-31105 · Unknown · Marbella Kr8S Dashcam
Name of the Vulnerable Software and Affected Versions: Marbella KR8s Dashcam FF version 2.0.8 Description: An issue exists where the existing password is written in cleartext onto a newly inserted SD card. An attacker with temporary physical access to the device can steal the password by swapping...
CVE-2023-41818
An improper use of the SD card for sensitive data vulnerability was reported in the Motorola Device Help application that could allow a local attacker to read system logs...
CVE-2021-3615
A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow code execution if a specific file exists on the attached SD card. This vulnerability is the same as CNVD-2021-45262...
CVE-2019-16398
On Keeper K5 20.1.0.25 and 20.1.0.63 devices, remote code execution can occur by inserting an SD card containing a file named zskjscriptrun.sh that executes a reverse shell...
CVE-2023-41818
CVE-2023-41818 affects the Motorola Device Help application. Root cause: improper use of the SD card for sensitive data. Impact: a local attacker could read system logs. CVSSv3.1 metrics indicate Local attack, Low attack complexity, Low privileges, User interaction required, Confidentiality impac...
CVE-2021-3615
A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow code execution if a specific file exists on the attached SD card. This vulnerability is the same as CNVD-2021-45262...
Design/Logic Flaw
A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow code execution if a specific file exists on the attached SD card. This vulnerability is the same as CNVD-2021-45262...
CVE-2018-3890
An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw and command injection, resulting in code execution. An attacker can insert an SD card to trigger this vulnerability...
Solider Theme - External URLs, Possible privilege escalation, SD-card access vulnerabilities
HackApp vulnerability scanner discovered that application Solider Theme published at the 'play' market has multiple vulnerabilities...
FONIC - Customized SSL, External URLs, SD-card access vulnerabilities
HackApp vulnerability scanner discovered that application FONIC published at the 'play' market has multiple vulnerabilities...