3 matches found
Hanwha Techwin SRN-4000 Improper Access Control (CVE-2017-7912)
A security research organization has discovered and disclosed a critical vulnerability in the firmware of certain Hanwha network video recording NVR devices. A specially crafted http request and response could allow an attacker to gain access to the device management page with admin privileges...
CVE-2023-37917
KubePi Privilege Escalation vulnerability: a normal user can elevate privileges by editing the isadmin field in requests, gaining admin control. Root cause is improper authorization in user-create/update flow. Impact is administrative access with high confidentiality/integrity/availability concer...
CVE-2021-22729
A CWE-259: Use of Hard-coded Password vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could allow an attacker to...