13 matches found
EUVD-2015-1604
Malware in sbrugna...
EUVD-2015-0938
Malware in sbrugna...
CVE-2015-1469
time.htm in the web interface on SerVision HVG Video Gateway devices with firmware through 2.2.26a100 allows remote authenticated users to gain privileges by leveraging a cookie received in an HTTP response, a different vulnerability than CVE-2015-0929 and CVE-2015-0930...
SerVision HVG Default Credentials (HTTP)
SerVision HVG is using known default credentials. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Servision HVG Hardcoded Credentials
Hello... Over a year ago I disclosed several vulnerabilities in Servision HVG network video recording devices. CVE-2015-0929 and CVE-2015-0930. https://www.kb.cert.org/vuls/id/522460 Since it's been a while now, and hardcoded backdoor passwords in "security" devices are the current hotness...
CVE-2015-0930
The web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a100 has a hardcoded administrative password, which makes it easier for remote attackers to obtain access via an HTTP session...
CVE-2015-0929
time.htm in the web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a78 allows remote attackers to bypass authentication and obtain administrative access by leveraging a cookie received in an HTTP response...
Hardcoded credentials
The web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a100 has a hardcoded administrative password, which makes it easier for remote attackers to obtain access via an HTTP session...
Design/Logic Flaw
time.htm in the web interface on SerVision HVG Video Gateway devices with firmware through 2.2.26a100 allows remote authenticated users to gain privileges by leveraging a cookie received in an HTTP response, a different vulnerability than CVE-2015-0929 and CVE-2015-0930...
CVE-2015-1469
CVE-2015-1469 affects SerVision HVG Video Gateway devices with firmware up to 2.2.26a100. The issue is an elevation of privilege: remote authenticated users can leverage a cookie found in an HTTP response to gain privileges via the web interface, specifically through time.htm. Other CNVD/Red Hat/...
CVE-2015-0930
SerVision HVG Video Gateway devices with firmware older than 2.2.26a100 contain a hardcoded administrator password in the web interface, allowing remote attackers to gain admin access via an HTTP session. Affected product: SerVision HVG Video Gateway; root cause: hardcoded credentials in the web ...
CVE-2015-0930
The web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a100 has a hardcoded administrative password, which makes it easier for remote attackers to obtain access via an HTTP session...
CVE-2015-1469
time.htm in the web interface on SerVision HVG Video Gateway devices with firmware through 2.2.26a100 allows remote authenticated users to gain privileges by leveraging a cookie received in an HTTP response, a different vulnerability than CVE-2015-0929 and CVE-2015-0930...