20 matches found
EUVD-2020-11543
Malware in sbrugna...
EUVD-2024-42688
Malicious code in bioql PyPI...
EUVD-2024-42689
Malicious code in bioql PyPI...
CVE-2024-47789
UNSUPPORTED WHEN ASSIGNED This vulnerability exists in D3D Security IP Camera D8801 due to usage of weak authentication scheme of the HTTP header protocol where authorization tag contain a Base-64 encoded username and password. A remote attacker could exploit this vulnerability by crafting a HTTP...
CVE-2024-47790
UNSUPPORTED WHEN ASSIGNED This vulnerability exists in D3D Security IP Camera D8801 due to usage of insecure Real-Time Streaming Protocol RTSP version for live video streaming. A remote attacker could exploit this vulnerability by crafting a RTSP packet leading to unauthorized access to live feed...
CVE-2024-47789 Credential Leakage Vulnerability
UNSUPPORTED WHEN ASSIGNED This vulnerability exists in D3D Security IP Camera D8801 due to usage of weak authentication scheme of the HTTP header protocol where authorization tag contain a Base-64 encoded username and password. A remote attacker could exploit this vulnerability by crafting a HTTP...
CVE-2024-47789
The CVE-2024-47789 entry concerns D3D Security IP Camera D8801. The vulnerability arises from a weak authentication scheme in the HTTP header protocol, where the authorization tag contains a Base-64 encoded username and password. A remote attacker could exploit this by crafting an HTTP packet, re...
CVE-2024-41623
CVE-2024-41623 affects D3D Security D3D IP Camera (D8801) with v.V9.1.17.1.4-20180428. A local attacker can execute arbitrary code via a crafted payload. The connected PT-2024-29468 report specifies exploitation details: an unauthenticated attacker can trigger the issue by fuzzing with HTTP GET r...
CVE-2024-41623
An issue in D3D Security D3D IP Camera D8801 v.V9.1.17.1.4-20180428 allows a local attacker to execute arbitrary code via a crafted payload...
CVE-2020-19639
Cross Site Request Forgery CSRF vulnerability in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B, via all fields to WebUI...
CVE-2020-19643
Cross Site Scripting XSS vulnerability in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B via all fields in the FTP settings page to the "goform/formSetFtpCfg" settings page...
Design/Logic Flaw
An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B. A local attacker can execute arbitrary code via editing the 'recdata.db' file to call a specially crafted GoAhead ASP-file on the SD card...
Cross site scripting
Cross Site Scripting XSS vulnerability in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B via all fields in the FTP settings page to the "goform/formSetFtpCfg" settings page...
CVE-2020-19643
CVE-2020-19643 affects the INSMA Wifi Mini Spy 1080P HD Security IP Camera (firmware version 1.9.7 B). The issue is a Cross-Site Scripting (XSS) vulnerability that originates from inputs in the FTP settings page, exploitable through the goform/formSetFtpCfg endpoint. The CVSS data indicates a net...
CVE-2020-19642
An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B. A local attacker can execute arbitrary code via editing the 'recdata.db' file to call a specially crafted GoAhead ASP-file on the SD card...
CVE-2020-19641
An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B. Authenticated attackers with the "Operator" Privilege can gain admin privileges via a crafted request to '/goform/formUserMng'...
CVE-2020-19641
CVE-2020-19641 affects INSMA Wifi Mini Spy 1080P HD Security IP Camera, firmware version 1.9.7 B. Authenticated attackers with the Operator privilege can escalate to admin by sending a crafted request to /goform/formUserMng . The connected documents corroborate administrator-privilege escalation ...
CVE-2020-19640
An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B. An unauthenticated attacker can reboot the device causing a Denial of Service, via a hidden reboot command to '/media/?action=cmd'...
CVE-2020-19639
Cross Site Request Forgery CSRF vulnerability in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B, via all fields to WebUI...
CVE-2020-19639
CVE-2020-19639 affects INSMA Wifi Mini Spy 1080P HD Security IP Camera, version 1.9.7 B. The vulnerability is a Cross-Site Request Forgery (CSRF) that can be triggered via all fields to the WebUI. The connected CNVD/NVD entries corroborate CSRF in this specific camera model. Root cause details be...