Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/01/09 11:54 a.m.4 views

CVE-2025-66052 Command injection in Vivotek IP7137 cameras

Vivotek IP7137 camera with firmware version 0200a is vulnerable to command injection. Parameter "systemntpIt" used by "/cgi-bin/admin/setparam.cgi" endpoint is not sanitized properly, allowing a user with administrative privileges to perform an attack. Due to CVE-2025-66050, administrative access...

8.6CVSS6.6AI score0.01329EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/01/31 12:0 a.m.5 views

The vulnerability of the sub_420AE0() function in Trendnet’s router software TEW-824DRU allows a hacker to execute arbitrary code.

The vulnerability of the sub420AE0 function in Trendnet’s router software TEW-824DRU is related to insufficient checking of arguments passed in the command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the system.ntp.server parameter...

10CVSS7.7AI score0.00498EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/26 12:0 a.m.6 views

PT-2024-1406 · Trendnet · Trendnet Tew-824Dru

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-824DRU version 1.04b01 Description: An issue in the TRENDnet TEW-824DRU allows unauthenticated attackers to execute arbitrary code via the system.ntp.server parameter in the sub 420AE0 function. The attack can be launched remotel...

10CVSS8.3AI score0.00498EPSS
Exploits1References8
Prion
Prion
added 2020/01/24 7:15 p.m.12 views

Command injection

A Command Injection vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via the system.ntp parameter to the farseer.out binary file, which cold let a malicious user execute arbitrary code...

9CVSS7.9AI score0.20463EPSS
Exploits6References5Affected Software1
Rows per page
Query Builder