7 matches found
CVE-2019-18339
A vulnerability has been identified in SiNVR/SiVMS Video Server All versions V5.0.0. The HTTP service default port 5401/tcp of the SiVMS/SiNVR Video Server contains an authentication bypass vulnerability, even when properly configured with enforced authentication. A remote attacker with network...
CVE-2019-19296
A vulnerability has been identified in SiNVR/SiVMS Video Server All versions V5.0.0. The two FTP services default ports 21/tcp and 5411/tcp of the SiVMS/SiNVR Video Server contain a path traversal vulnerability that could allow an authenticated remote attacker to access and download arbitrary fil...
CVE-2019-19297
A vulnerability has been identified in SiNVR/SiVMS Video Server All versions V5.0.0. The streaming service default port 5410/tcp of the SiVMS/SiNVR Video Server contains a path traversal vulnerability, that could allow an unauthenticated remote attacker to access and download arbitrary files from...
ICSA-20-070-01_Siemens and PKE SiNVR/SiVMS Video Server (Update B)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendors: Siemens and PKE Equipment: SiNVR/SiVMS Video Server Vulnerabilities: Cleartext Storage in a File or on Disk, Path Traversal, Improper Input Validation, Weak Cryptography for Passwords 2. UPDATE...
CVE-2019-19291
A vulnerability has been identified in Control Center Server CCS All versions V1.5.0, SiNVR/SiVMS Video Server All versions V5.0.0. The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server CCS maintain log files that store login credentials in cleartext. In configurations...
Design/Logic Flaw
A vulnerability has been identified in Control Center Server CCS All versions V1.5.0, SiNVR/SiVMS Video Server All versions V5.0.0. The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server CCS maintain log files that store login credentials in cleartext. In configurations...
Path traversal
A vulnerability has been identified in SiNVR/SiVMS Video Server All versions V5.0.0. The streaming service default port 5410/tcp of the SiVMS/SiNVR Video Server contains a path traversal vulnerability, that could allow an unauthenticated remote attacker to access and download arbitrary files from...