CVE-2019-18340

A vulnerability has been identified in Control Center Server CCS All versions = V1.5.0, SiNVR/SiVMS Video Server All versions = V5.0.0. Both the SiVMS/SiNVR Video Server and the Control Center Server CCS store user and device passwords by applying weak cryptography. A local attacker could exploit...

CVE-2019-18339

A vulnerability has been identified in SiNVR/SiVMS Video Server All versions V5.0.0. The HTTP service default port 5401/tcp of the SiVMS/SiNVR Video Server contains an authentication bypass vulnerability, even when properly configured with enforced authentication. A remote attacker with network...

EUVD-2019-8128

Malware in sbrugna...

EUVD-2019-8922

Malware in sbrugna...

EUVD-2019-8923

Malware in sbrugna...

EUVD-2019-8915

Malware in sbrugna...

EUVD-2019-8920

Malware in sbrugna...

CVE-2019-19296

A vulnerability has been identified in SiNVR/SiVMS Video Server All versions V5.0.0. The two FTP services default ports 21/tcp and 5411/tcp of the SiVMS/SiNVR Video Server contain a path traversal vulnerability that could allow an authenticated remote attacker to access and download arbitrary fil...

CVE-2019-19298

A vulnerability has been identified in SiNVR/SiVMS Video Server All versions = V5.0.0 V5.0.2. The streaming service default port 5410/tcp of the SiVMS/SiNVR Video Server contains a input validation vulnerability, that could allow an unauthenticated remote attacker to cause a Denial-of-Service...

CVE-2019-19299

A vulnerability has been identified in SiNVR/SiVMS Video Server All versions = V5.0.0 = V5.0.2. The streaming service default port 5410/tcp of the SiVMS/SiNVR Video Server applies weak cryptography when exposing device camera passwords. This could allow an unauthenticated remote attacker to read...

CVE-2019-19297

A vulnerability has been identified in SiNVR/SiVMS Video Server All versions V5.0.0. The streaming service default port 5410/tcp of the SiVMS/SiNVR Video Server contains a path traversal vulnerability, that could allow an unauthenticated remote attacker to access and download arbitrary files from...

ICSA-20-070-01_Siemens and PKE SiNVR/SiVMS Video Server (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendors: Siemens and PKE Equipment: SiNVR/SiVMS Video Server Vulnerabilities: Cleartext Storage in a File or on Disk, Path Traversal, Improper Input Validation, Weak Cryptography for Passwords 2. UPDATE...

The vulnerability of the central control server of SiNVR 3 allows a hacker to read or modify the database of the central control server, as well as perform operations on the databases or operating system commands with administrator privileges.

The vulnerability of the central control server of SiNVR 3 Central Control Server lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to remotely read or modify the central control server’s database, as well as perform operations o...

The vulnerability of the streaming service (default port 5410/tcp) of the SiNVR 3 video server, which allows a perpetrator to gain access to protected information.

The vulnerability of the streaming service port 5410/tcp by default of the SiNVR 3 video server is related to an incorrect restriction on the path name to the restricted catalog. Exploiting this vulnerability could allow a malicious actor to gain access to protected information...

The vulnerability of the streaming service (default port 5410/tcp) of the SiNVR 3 video server, which allows a intruder to cause a service failure.

The vulnerability of the streaming service port 5410/tcp by default of the SiNVR 3 video server is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures through specially crafted HTTP requests...

The vulnerability of the FTP service (default ports 21/tcp and 5411/tcp), which is used by the SiNVR 3 video server, allows a hacker to gain access to protected information.

The vulnerability of the FTP service default ports 21/tcp and 5411/tcp of the SiNVR 3 video server is related to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor to gain access to protected information...

Siemens SiNVR 3 Plain Text Save File Vulnerability

SiNVR 3 is a video management platform.Central Control Server CCS is the central control server and Video Server is the video server. SiNVR 3 stores login credentials in plain text in a log file. An information disclosure vulnerability exists in the implementation, which can be exploited by a...

Siemens SiNVR 3 Input Validation Vulnerability

SiNVR 3 is a video management platform.Central Control Server CCS is the central control server and Video Server is the video server. SiNVR 3 has an input validation vulnerability in its implementation that can be exploited by remote attackers to cause a denial of service by sending malformed HTT...

Siemens SiNVR 3 Cross-Site Scripting Vulnerability

SiNVR 3 is a video management platform.Central Control Server CCS is the central control server and Video Server is the video server. SiNVR 3 has a reflected cross-site scripting vulnerability in its implementation, which can be exploited by remote attackers to obtain sensitive data or perform...

Siemens SiNVR 3 Cross-Site Scripting Vulnerability (CNVD-2020-17007)

SiNVR 3 is a video management platform.Central Control Server CCS is the central control server and Video Server is the video server. SiNVR 3 has a stored cross-site scripting vulnerability in multiple input field implementations that can be exploited by remote attackers to inject malicious...