CVE-2026-5386

The affected KMW CCTV Security Cameras are vulnerable to a critical unauthenticated password reset. This flaw allows an attacker to remotely reset the administrator password to a known value without authentication, granting full access to the camera feeds and settings...

CVE-2026-5386

CVE-2026-5386 concerns KMW CCTV Security Cameras with a critical unauthenticated password reset that lets an attacker remotely reset the administrator password to a known value, granting full access to feeds and settings. The CVSS v3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) yields a base sc...

CVE-2026-5386

The affected KMW CCTV Security Cameras are vulnerable to a critical unauthenticated password reset. This flaw allows an attacker to remotely reset the administrator password to a known value without authentication, granting full access to the camera feeds and settings...

PT-2026-44967

Name of the Vulnerable Software and Affected Versions KMW CCTV Security Cameras affected versions not specified Description An issue exists that allows an unauthenticated attacker to remotely reset the administrator password to a known value. This action grants full access to the camera settings...

From Ukraine to Iran, Hacking Security Cameras Is Now Part of War’s ‘Playbook’

New research shows hundreds of attempts by apparent Iranian state hackers to hijack consumer-grade cameras, timed to missile and drone strikes. Israel, Russia, and Ukraine have also adopted this trick...

CVE-2020-36873

Astak CM-818T3 2.4GHz wireless security surveillance cameras contain an unauthenticated configuration disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint permits remote download of a compressed configuration backup without requiring authentication or authorizatio...

Microsoft Mitigates Record 15.72 Tbps DDoS Attack Driven by AISURU Botnet

Microsoft on Monday disclosed that it automatically detected and neutralized a distributed denial-of-service DDoS attack targeting a single endpoint in Australia that measured 15.72 terabits per second Tbps and nearly 3.64 billion packets per second pps. The tech giant said it was the largest DDo...

EUVD-2016-3440

Malware in sbrugna...

CVE-2025-35451

CVE-2025-35451 concerns PTZOptics and ValueHD-based pan-tilt-zoom cameras with hard-coded default administrative credentials. Affected devices expose SSH and/or Telnet on all interfaces, and the default passwords cannot be changed or the services disabled, enabling potential unauthorized admin ac...

Israel Says Iran Is Hacking Security Cameras for Spying

Plus: Ukrainian hackers reportedly knock out a key Russian internet provider, China’s Salt Typhoon hackers claim another victim, and the UK hits 23andMe with a hefty fine over its 2023 data breach...

The US Is Building a One-Stop Shop for Buying Your Data

Plus: A mysterious hacking group’s secret client is exposed, Signal takes a swipe at Microsoft Recall, Russian hackers target security cameras to spy on aid to Ukraine, and more...

PT-2025-18025 · Undefined · Undefined

@HannahVLBelguim @KallasteLiina @EuropaBeacon exploit vuln"X CCTV", "CVE-2025-1347"; rtsp stream"192.168.1.100", "admin:pass123", "h264"; Security cameras? What security cameras? https://t.co/u9UYJeIv6J...

Ubiquiti UniFi Protect Cameras 命令注入漏洞

Ubiquiti UniFi Protect Cameras is a line of security cameras from Ubiquiti Networks that support the UniFi Protect platform for centralized management with remote access, smart monitoring and more. A code execution vulnerability exists in Ubiquiti UniFi Protect Cameras that stems from improper...

Dahua Security Cameras Improper Authentication (CVE-2021-33046)

Some Dahua products have access control vulnerability in the password reset process. Attackers can exploit this vulnerability through specific deployments to reset device passwords. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Dahua ASI7213X-T1 Unrestricted Upload of File with Dangerous Type (CVE-2022-30560)

When an attacker obtaining the administrative account and password, or through a man-in-the-middle attack, the attacker could send a specified crafted packet to the vulnerable interface then lead the device to crash. This plugin only works with Tenable.ot. Please visit...

Dahua Security Cameras Incorrect Default Permissions (CVE-2019-9682)

Dahua devices with Build time before December 2019 use strong security login mode by default, but in order to be compatible with the normal login of early devices, some devices retain the weak security login mode that users can control. If the user uses a weak security login method, an attacker c...

Dahua Security Cameras Improper Authentication (CVE-2021-33044)

The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...

Dahua Security Cameras Insecure Storage of Sensitive Information (CVE-2017-7253)

Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. Use the default low-privilege credentials to list all users via a request to a certain URI. 2. Login to the IP camera with admin credentials so as to obtain full control of the target IP camera. During exploitation, the fir...

Dahua Security Cameras Weak Password Recovery Mechanism for Forgotten Password (CVE-2017-9315)

Customer of Dahua IP camera or IP PTZ could submit relevant device information to receive a time limited temporary password from Dahua authorized dealer to reset the admin password. The algorithm used in this mechanism is potentially at risk of being compromised and subsequently utilized by...

Dahua Security Cameras Cleartext Storage of Sensitive Information (CVE-2019-9681)

Online upgrade information in some firmware packages of Dahua products is not encrypted. Attackers can obtain this information by analyzing firmware packages by specific means. Affected products include: IPC- HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-...