Lucene search
+L

106 matches found

CVE
CVE
added 2019/06/20 6:57 p.m.156 views

CVE-2019-12919

CVE-2019-12919 affects Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4. The connected Red Hat/CNVD/NVD records describe an unauthenticated attacker on the local network gaining access to the device’s internal SD card through the HTTP service on port 8000, enabling viewing or downloadi...

5.5CVSS5.6AI score0.00353EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/06/20 6:57 p.m.24 views

CVE-2019-12919

On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices, an attacker on the local network has unauthenticated access to the internal SD card via the HTTP service on port 8000. The HTTP web server on the camera allows anyone to view or download the video archive recorded and saved o...

5.6AI score0.00353EPSS
Exploits0References1
0day.today
0day.today
added 2019/06/18 12:0 a.m.373 views

CleverDog Smart Camera DOG-2W / DOG-2W-V4 - Multiple Vulnerabilities

Exploit for hardware platform in category web applications 1. Advisory Information ======================================== Title: Clever Dog Smart Camera Vendor Homepage: http://www.cleverdog.com.cn/ Tested on Camera types : DOG-2W, DOG-2W-V4 Vulnerability: Hardware- Multiple Vulnerabilities Dat...

Exploits0
CNVD
CNVD
added 2019/02/25 12:0 a.m.5 views

Robert Bosch Smart Camera App for Android Privilege Permission and Access Control Vulnerability

Robert Bosch Smart Camera App for Android is an Android-based smart camera management application from Robert Bosch, Germany. A privilege-granting and access control vulnerability exists in versions of the Bosch Smart Camera App for Android prior to 1.3.1, which stems from a failure to set securi...

3.3CVSS6.6AI score0.00269EPSS
Exploits0References1
OSV
OSV
added 2019/02/22 1:29 p.m.3 views

CVE-2019-7729

An issue was discovered in the Bosch Smart Camera App before 1.3.1 for Android. Due to setting of insecure permissions, a malicious app could potentially succeed in retrieving video clips or still images that have been cached for clip sharing. The Bosch Smart Home App is not affected. iOS Apps ar...

3.3CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2019/02/22 1:29 p.m.14 views

Design/Logic Flaw

An issue was discovered in the Bosch Smart Camera App before 1.3.1 for Android. Due to setting of insecure permissions, a malicious app could potentially succeed in retrieving video clips or still images that have been cached for clip sharing. The Bosch Smart Home App is not affected. iOS Apps ar...

2.1CVSS4AI score0.00269EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/02/22 1:29 p.m.15 views

Design/Logic Flaw

An issue was discovered in the Bosch Smart Camera App before 1.3.1 for Android. Due to improperly implemented TLS certificate checks, a malicious actor could potentially succeed in executing a man-in-the-middle attack for some connections. The Bosch Smart Home App is not affected. iOS Apps are no...

5.1CVSS7.1AI score0.00476EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/02/22 1:29 p.m.18 views

CVE-2019-7729

An issue was discovered in the Bosch Smart Camera App before 1.3.1 for Android. Due to setting of insecure permissions, a malicious app could potentially succeed in retrieving video clips or still images that have been cached for clip sharing. The Bosch Smart Home App is not affected. iOS Apps ar...

3.3CVSS3.9AI score0.00269EPSS
Exploits0References1
CVE
CVE
added 2019/02/22 1:0 p.m.61 views

CVE-2019-7728

The CVE-2019-7728 entry concerns the Bosch Smart Camera App for Android (before version 1.3.1). The root cause is improperly implemented TLS certificate checks, enabling the possibility of a man-in-the-middle attack on certain connections. Impact is described as partial confidentiality, integrity...

7.5CVSS7AI score0.00476EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/02/22 1:0 p.m.63 views

CVE-2019-7729

The CVE affects the Bosch Smart Camera App for Android prior to version 1.3.1. It arises from insecure permission settings, enabling a local attacker to retrieve video clips or still images cached for clip sharing. Impact is limited to confidentiality (partial), with no egregious integrity/availa...

3.3CVSS4AI score0.00269EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/02/22 1:0 p.m.18 views

CVE-2019-7729

An issue was discovered in the Bosch Smart Camera App before 1.3.1 for Android. Due to setting of insecure permissions, a malicious app could potentially succeed in retrieving video clips or still images that have been cached for clip sharing. The Bosch Smart Home App is not affected. iOS Apps ar...

3.9AI score0.00269EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/02/22 1:0 p.m.21 views

CVE-2019-7728

An issue was discovered in the Bosch Smart Camera App before 1.3.1 for Android. Due to improperly implemented TLS certificate checks, a malicious actor could potentially succeed in executing a man-in-the-middle attack for some connections. The Bosch Smart Home App is not affected. iOS Apps are no...

7.1AI score0.00476EPSS
Exploits0References1
CNVD
CNVD
added 2018/10/19 12:0 a.m.2 views

Directory Traversal Vulnerability in ZTE C520 Smart Camera

The ZTE C520 is a smart Wi-Fi watchdog camera. A directory traversal vulnerability exists in the ZTE C520 smart camera. An attacker can exploit the vulnerability to read arbitrary files...

6.8AI score
Exploits0
Prion
Prion
added 2018/09/12 1:29 a.m.13 views

Improper access control

LG LNB, LND, LNU, and LNV smart network camera devices have broken access control. Attackers are able to download /updownload/t.report aka Log & Report files and download backup files via download.php without authenticating. These backup files contain user credentials and configuration informatio...

5CVSS7.5AI score0.09348EPSS
Exploits5References2Affected Software18
Prion
Prion
added 2018/08/23 3:29 p.m.18 views

Stack overflow

An exploitable stack-based buffer overflow vulnerability exists in the samsungWifiScan callback notification of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly handles the answer received from a smart camera...

9CVSS9.6AI score0.02014EPSS
Exploits2References1Affected Software1
NVD
NVD
added 2018/08/23 3:29 p.m.24 views

CVE-2018-3867

An exploitable stack-based buffer overflow vulnerability exists in the samsungWifiScan callback notification of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly handles the answer received from a smart camera...

9.9CVSS9.7AI score0.02014EPSS
Exploits2References1
Cvelist
Cvelist
added 2018/08/23 3:0 p.m.32 views

CVE-2018-3867

An exploitable stack-based buffer overflow vulnerability exists in the samsungWifiScan callback notification of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly handles the answer received from a smart camera...

9.9CVSS9.7AI score0.02014EPSS
Exploits2References1
CVE
CVE
added 2018/08/23 3:0 p.m.62 views

CVE-2018-3867

CVE-2018-3867 describes a stack-based buffer overflow in Samsung SmartThings Hub (STH-ETH-250) video-core HTTP server. The vulnerability exists in the samsungWifiScan callback handling during camera discovery, where the hub constructs a POST to a callback URL using an unconstrained camera respons...

9.9CVSS9.6AI score0.02014EPSS
Exploits2References1Affected Software1
seebug.org
seebug.org
added 2018/07/30 12:0 a.m.595 views

Samsung SmartThings Hub video-core samsungWifiScan Callback Code Execution Vulnerability(CVE-2018-3867)

Summary An exploitable stack-based buffer overflow vulnerability exists in the samsungWifiScan callback notification of video-core's HTTP server of Samsung SmartThings Hub. The video-core process incorrectly handles the answer received from a smart camera, leading to a buffer overflow on the stac...

0.5AI score0.02014EPSS
Exploits2
seebug.org
seebug.org
added 2018/07/30 12:0 a.m.566 views

Samsung SmartThings Hub hubCore Port 39500 HTTP Header Injection Vulnerability(CVE-2018-3911)

Summary An exploitable HTTP header injection vulnerability exists in the remote servers of Samsung SmartThings Hub. The hubCore process listens on port 39500 and relays any unauthenticated message to SmartThings' remote servers, which insecurely handle JSON messages, leading to partially controll...

0.5AI score0.01223EPSS
Exploits2
Rows per page
Query Builder