CVE-2019-25247

Beward N100 H.264 VGA IP Camera M2.1.6 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft a malicious web page with a hidden form to add an admin user by tricking a logged-in user into...

Beward N100 安全漏洞

Beward N100 is an IP video codec from the Russian open source Beward. A security vulnerability exists in Beward N100 H.264 VGA IP Camera version M2.1.6, which stems from insufficient validation of the READ.filePath parameter and could lead to the disclosure of arbitrary files...

EUVD-2019-4923

Malware in sbrugna...

EUVD-2025-25641

Malicious code in bioql PyPI...

EUVD-2025-25640

Malicious code in bioql PyPI...

CVE-2025-9382

A weakness has been identified in FNKvision Y215 CCTV Camera 10.194.120.40. This vulnerability affects unknown code of the file s1rftestconfig of the component Telnet Sevice. Executing manipulation can lead to backdoor. The physical device can be targeted for the attack. This attack is...

PT-2025-34556

Name of the Vulnerable Software and Affected Versions: FNKvision Y215 CCTV Camera version 10.194.120.40 Description: A security issue has been identified in FNKvision Y215 CCTV Camera. The crypt function within the /etc/passwd file utilizes a weak hash, potentially allowing for local privilege...

VulnCheck KEV: CVE-2009-1558

Directory traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote attackers to read arbitrary files via a %2e. encoded dot dot or an absolute pathname in the nextfile parameter...

CVE-2025-25984

An issue in Macro-video Technologies Co.,Ltd V380E6C1 IP camera HwHsAKPIQpWFXHR 1020302 allows a physically proximate attacker to execute arbitrary code via UART component...

Cisco PVC2300 POE Video Camera Configuration Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco PVC2300 POE Video Camera configuration download', 'Description' = %q This module exploits an information disclosure vulnerability in Cisco...

CVE-2023-6248 Data leakage and arbitrary remote code execution in Syrus cloud devices

The Syrus4 IoT gateway utilizes an unsecured MQTT server to download and execute arbitrary commands, allowing a remote unauthenticated attacker to execute code on any Syrus4 device connected to the cloud service. The MQTT server also leaks the location, video and diagnostic data from each connect...

CVE-2023-6248 Data leakage and arbitrary remote code execution in Syrus cloud devices

The Syrus4 IoT gateway utilizes an unsecured MQTT server to download and execute arbitrary commands, allowing a remote unauthenticated attacker to execute code on any Syrus4 device connected to the cloud service. The MQTT server also leaks the location, video and diagnostic data from each connect...

PT-2023-11231 · Undefined · Undefined

Хакеры эксплуатируют уязвимость пятилетней давности, взламывая видеокамеры в банках Исследователи Fortinet FortiGuard Labs предупреждают, что злоумышленники активно эксплуатируют критическую неисправленную уязвимость, влияющую на устройства цифровой видеозаписи DVR TBK. Недостаток, отслеживаемый...

Zoom Client for Meetings < 4.4.5 Vulnerability (ZSB-19002)

The version of Zoom Client for Meetings installed on the remote host is prior to 4.4.5. It is, therefore, affected by a vulnerability as referenced in the ZSB-19002 advisory. - A vulnerability in the macOS Zoom and RingCentral clients could allow a remote, unauthenticated attacker to force a user...

ACTi ACM-5611 Video Camera Remote Command Execution Exploit

Exploit for hardware platform in category web applications !/usr/bin/perl ACTi ACM-5611 Video Camera Remote Command Execution Exploit Copyright 2019 c Todor Donev Firmware Version = A1D-220-V3.08.08-AC Production ID = ACM5611-08G-X-00485 Factory Default Type = NTSC, Composite, Two Ways Audio 0x71...

CVE-2019-13450

In the Zoom Client through 4.4.4 and RingCentral 7.0.136380.0312 on macOS, remote attackers can force a user to join a video call with the video camera active. This occurs because any web site can interact with the Zoom web server on localhost port 19421 or 19424. NOTE: a machine remains vulnerab...

The 25th anniversary of the webcam: What did it bring us?

How did the webcam progress from a simple convenience to a worldwide security concern in 25 years? November 2018 can be marked as the 25th anniversary of the webcam. This is a bit of an arbitrary choice, but if we consider a webcam that was installed at the University of Cambridge to keep an eye ...

Ubiquiti UniFi Video 3.7.3 - Local Privilege Escalation

Ubiquiti UniFi Video 3.7.3 - Local Privilege Escalation RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Ubiquiti UniFi Video Windows Vendor URL: https://www.ubnt.com Type: Improper Handling of Insufficient Permissions or Privileges CWE-28...

Foscam IP Video Camera devMng Multi-Camera Port 10000 Command 0x0002 Password Field Code Execution Vulnerability()

Summary An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10000 can cause a buffer overflow resulting in overwriting arbitrary data. Tested Versions...

Foscam IP Video Camera CGIProxy.fcgi SMTP Test Host Parameter Configuration Command Injection Vulnerability(CVE-2017-2841)

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting...