253 matches found
EUVD-2009-2302
Malware in sbrugna...
EUVD-2023-56504
Malicious code in bioql PyPI...
EUVD-2023-55271
Malicious code in bioql PyPI...
CVE-2025-9380
A vulnerability was identified in FNKvision Y215 CCTV Camera 10.194.120.40. Affected by this issue is some unknown functionality of the file /etc/passwd of the component Firmware. Such manipulation leads to hard-coded credentials. Local access is required to approach this attack. The exploit is...
FNKvision Y215 CCTV Camera 安全漏洞
FNKvision Y215 CCTV Camera is a camera from FNKvision Thailand. A security vulnerability exists in FNKvision Y215 CCTV Camera version 10.194.120.40, which stems from hard-coded credentials and may require local access...
(Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the sonia module. The issue results from the lack of...
(Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera Improper Validation of Array Index Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of requests sent to TCP port 9876. The...
Tenda CP3 Pro 安全漏洞
Tenda CP3 Pro is a high quality security camera from Tenda China. A security vulnerability exists in Tenda CP3 Pro version V22.5.4.93, which originates from the default enablement of the telnet service and improper privileges, which may result in unauthorized access...
D-Link DCS-932L Buffer Overflow Vulnerability
The D-Link DCS-932L is a network surveillance camera from China AUO D-Link. It is used for security and surveillance. The D-Link DCS-932L suffers from a buffer overflow vulnerability that originates from the parameter EmailSMTPPortNumber in file /setSystemEmail failing to properly validate the...
CVE-2024-46959
runofast Indoor Security Camera for Baby Monitor has a default password of password for the root account. This allows access to the /stream1 URI via the rtsp:// protocol to receive the video and audio stream...
CVE-2024-31798
Identical Hardcoded Root Password for All Devices in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to retrieve the root password for all similar devices...
CVE-2023-51820
An issue in Blurams Lumi Security Camera A31C v.2.3.38.12558 allows a physically proximate attackers to execute arbitrary code...
CVE-2023-50488
An issue in Blurams Lumi Security Camera A31C v23.0406.435.4120 allows attackers to execute arbitrary code...
CVE-2020-25784
An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77. There is an unauthenticated stack-based buffer overflow in the function CNetClientGuard::SubOprMsg during incoming message handling...
CVE-2019-12763
The Security Camera CZ application through 1.6.8 for Android stores potentially sensitive recorded video in external data storage, which is readable by any application...
CVE-2025-1099
CVE-2025-1099 affects the TP-Link/Tapo C500 Wi‑Fi camera. The vulnerability stems from a hard-coded RSA private key embedded in the device firmware, enabling a physically proximate attacker to obtain cryptographic private keys and perform impersonation, data decryption, and man-in-the-middle atta...
Lorex 2K Indoor Wi-Fi Security Camera: Multiple Vulnerabilities (FIXED)
The Lorex 2K Indoor Wi-Fi Security Camera is a consumer security device that provides cloud-based video camera surveillance capabilities. This device was a target at the 2024 Pwn2Own IoT competition. Rapid7 developed an unauthenticated remote code execution RCE exploit chain as an entry for the...
CVE-2024-52548 Lorex 2K Indoor Wi-Fi Security Camera - Code signing bypass
An attacker who can execute arbitrary Operating Systems commands, can bypass code signing enforcements in the kernel, and execute arbitrary native code. This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111...
CVE-2024-52547 Lorex 2K Indoor Wi-Fi Security Camera - Stack buffer overflow
An authenticated attacker can trigger a stack based buffer overflow in the DHIP Service TCP port 80. This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111...
CVE-2024-52546 Lorex 2K Indoor Wi-Fi Security Camera - Null pointer dereference
An unauthenticated attacker can perform a null pointer dereference in the DHIP Service UDP port 37810. This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111...