4 matches found
CVE-2026-50245 Brickcom Cameras Missing Authentication for Critical Function
Brickcom cameras allow unauthenticated access to live snapshot images via the /ONVIF endpoint and no authentication is required to retrieve still images from the camera feed...
PT-2026-48735
Name of the Vulnerable Software and Affected Versions Brickcom cameras affected versions not specified Description Unauthenticated access to live snapshot images is possible via the '/ONVIF' endpoint, allowing the retrieval of still images from the camera feed without requiring authentication...
📄 motionEye 0.43.1b4 Remote Code Execution
Client-side validation in motionEye's web UI can be bypassed via overriding the JS validation function. Arbitrary values including shell interpolation syntax can be saved into the motion config. When motion is restarted, the motion process interprets the config and can execute shell syntax embedd...
Design/Logic Flaw
An issue was discovered in the Bosch Smart Camera App before 1.3.1 for Android. Due to setting of insecure permissions, a malicious app could potentially succeed in retrieving video clips or still images that have been cached for clip sharing. The Bosch Smart Home App is not affected. iOS Apps ar...