53 matches found
CVE-2019-18340
A vulnerability has been identified in Control Center Server CCS All versions = V1.5.0, SiNVR/SiVMS Video Server All versions = V5.0.0. Both the SiVMS/SiNVR Video Server and the Control Center Server CCS store user and device passwords by applying weak cryptography. A local attacker could exploit...
CVE-2019-18339
A vulnerability has been identified in SiNVR/SiVMS Video Server All versions V5.0.0. The HTTP service default port 5401/tcp of the SiVMS/SiNVR Video Server contains an authentication bypass vulnerability, even when properly configured with enforced authentication. A remote attacker with network...
EUVD-2019-8920
Malware in sbrugna...
EUVD-2019-8915
Malware in sbrugna...
EUVD-2019-8923
Malware in sbrugna...
EUVD-2019-8922
Malware in sbrugna...
EUVD-2019-8128
Malware in sbrugna...
CVE-2019-19296
A vulnerability has been identified in SiNVR/SiVMS Video Server All versions V5.0.0. The two FTP services default ports 21/tcp and 5411/tcp of the SiVMS/SiNVR Video Server contain a path traversal vulnerability that could allow an authenticated remote attacker to access and download arbitrary fil...
CVE-2019-19298
A vulnerability has been identified in SiNVR/SiVMS Video Server All versions = V5.0.0 V5.0.2. The streaming service default port 5410/tcp of the SiVMS/SiNVR Video Server contains a input validation vulnerability, that could allow an unauthenticated remote attacker to cause a Denial-of-Service...
CVE-2019-19299
A vulnerability has been identified in SiNVR/SiVMS Video Server All versions = V5.0.0 = V5.0.2. The streaming service default port 5410/tcp of the SiVMS/SiNVR Video Server applies weak cryptography when exposing device camera passwords. This could allow an unauthenticated remote attacker to read...
CVE-2019-19297
A vulnerability has been identified in SiNVR/SiVMS Video Server All versions V5.0.0. The streaming service default port 5410/tcp of the SiVMS/SiNVR Video Server contains a path traversal vulnerability, that could allow an unauthenticated remote attacker to access and download arbitrary files from...
ICSA-20-070-01_Siemens and PKE SiNVR/SiVMS Video Server (Update B)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendors: Siemens and PKE Equipment: SiNVR/SiVMS Video Server Vulnerabilities: Cleartext Storage in a File or on Disk, Path Traversal, Improper Input Validation, Weak Cryptography for Passwords 2. UPDATE...
Siemens SiNVR 3 Input Validation Vulnerability
SiNVR 3 is a video management platform.Central Control Server CCS is the central control server and Video Server is the video server. SiNVR 3 has an input validation vulnerability in its implementation that can be exploited by remote attackers to cause a denial of service by sending malformed HTT...
Siemens SiNVR 3 Plain Text Save File Vulnerability
SiNVR 3 is a video management platform.Central Control Server CCS is the central control server and Video Server is the video server. SiNVR 3 stores login credentials in plain text in a log file. An information disclosure vulnerability exists in the implementation, which can be exploited by a...
Siemens SiNVR 3 Cross-Site Scripting Vulnerability
SiNVR 3 is a video management platform.Central Control Server CCS is the central control server and Video Server is the video server. SiNVR 3 has a reflected cross-site scripting vulnerability in its implementation, which can be exploited by remote attackers to obtain sensitive data or perform...
Siemens SiNVR 3 Path Traversal Vulnerability
SiNVR 3 is a video management platform.Central Control Server CCS is the central control server and Video Server is the video server. SiNVR 3 has a path traversal vulnerability in its implementation that can be exploited by a remote attacker to download and access arbitrary files from the server...
Siemens SiNVR 3 Cross-Site Scripting Vulnerability (CNVD-2020-17007)
SiNVR 3 is a video management platform.Central Control Server CCS is the central control server and Video Server is the video server. SiNVR 3 has a stored cross-site scripting vulnerability in multiple input field implementations that can be exploited by remote attackers to inject malicious...
CVE-2019-19296
A vulnerability has been identified in SiNVR/SiVMS Video Server All versions V5.0.0. The two FTP services default ports 21/tcp and 5411/tcp of the SiVMS/SiNVR Video Server contain a path traversal vulnerability that could allow an authenticated remote attacker to access and download arbitrary fil...
CVE-2019-19297
A vulnerability has been identified in SiNVR/SiVMS Video Server All versions V5.0.0. The streaming service default port 5410/tcp of the SiVMS/SiNVR Video Server contains a path traversal vulnerability, that could allow an unauthenticated remote attacker to access and download arbitrary files from...
CVE-2019-19298
A vulnerability has been identified in SiNVR/SiVMS Video Server All versions = V5.0.0 V5.0.2. The streaming service default port 5410/tcp of the SiVMS/SiNVR Video Server contains a input validation vulnerability, that could allow an unauthenticated remote attacker to cause a Denial-of-Service...