Lucene search
+L

25 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-16953

Malware in sbrugna...

9.8CVSS9.2AI score0.01959EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/07/02 12:0 a.m.3 views

Kiloview P1 4G Video Encoder and P2 4G Video Encoder Security Vulnerabilities

Kiloview P1 4G Video Encoder and Kiloview P2 4G Video Encoder are both professional video encoder devices from China-based Kiloview. A security vulnerability exists in the Kiloview P1 4G Video Encoder and Kiloview P2 4G Video Encoder, which stems from the fact that the devices support at least on...

5.3CVSS6.8AI score0.00133EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2020/10/19 12:0 a.m.261 views

HiSilicon Video Encoder Backdoor Password

!/usr/bin/env bash Exploit Title: HiSilicon video encoders - full admin access via backdoor password Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24215 Vendors: URayTech, J-Tech Digital...

0.6AI score0.1976EPSS
Exploits3
0day.today
0day.today
added 2020/10/19 12:0 a.m.96 views

HiSilicon Video Encoders - Unauthenticated RTSP buffer overflow (DoS) Exploit

!/usr/bin/env bash Exploit Title: HiSilicon video encoders - unauthenticated RTSP buffer overflow DoS Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24214 Vendors: URayTech, J-Tech Digita...

9.8CVSS9.7AI score0.35393EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/10/19 12:0 a.m.311 views

HiSilicon Video Encoders - Unauthenticated file disclosure via path traversal

!/usr/bin/env bash Exploit Title: HiSilicon video encoders - unauthenticated file disclosure via path traversal Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: https://www.szuray.com/ Software Link: N/A Version: up to 1.97 Tested on: Linux CVE: CVE-2020-24219 Vendors: URayTech...

7.8CVSS7.7AI score0.23636EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/10/19 12:0 a.m.226 views

HiSilicon Video Encoders - Unauthenticated RTSP buffer overflow (DoS)

!/usr/bin/env bash Exploit Title: HiSilicon video encoders - unauthenticated RTSP buffer overflow DoS Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24214 Vendors: URayTech, J-Tech Digita...

9.8CVSS9.7AI score0.35393EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/10/19 12:0 a.m.273 views

HiSilicon Video Encoders - Full admin access via backdoor password

!/usr/bin/env bash Exploit Title: HiSilicon video encoders - full admin access via backdoor password Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24215 Vendors: URayTech, J-Tech Digital...

9.8CVSS9.7AI score0.1976EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/10/19 12:0 a.m.420 views

HiSilicon video encoders - RCE via unauthenticated upload of malicious firmware

!/usr/bin/env bash Exploit Title: HiSilicon video encoders - RCE via unauthenticated upload of malicious firmware Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24217 Vendors: URayTech,...

9.8CVSS9.6AI score0.40302EPSS
Exploits5
NVD
NVD
added 2020/10/06 2:15 p.m.19 views

CVE-2020-24218

An issue was discovered on URayTech IPTV/H.264/H.265 video encoders through 1.97. Attackers can log in as root via the password that is hard-coded in the executable file...

9.8CVSS0.01959EPSS
Exploits1References2
NVD
NVD
added 2020/10/06 2:15 p.m.26 views

CVE-2020-24219

An issue was discovered on URayTech IPTV/H.264/H.265 video encoders through 1.97. Attackers can send crafted unauthenticated HTTP requests to exploit path traversal and pattern-matching programming flaws, and retrieve any file from the device's file system, including the configuration file with t...

7.8CVSS0.23636EPSS
Exploits3References3
NVD
NVD
added 2020/10/06 2:15 p.m.11 views

CVE-2020-24216

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. When the administrator configures a secret URL for RTSP streaming, the stream is still available via its default name such as /0. Unauthenticated attackers can view video streams that are meant to b...

7.5CVSS0.02112EPSS
Exploits1References2
Prion
Prion
added 2020/10/06 2:15 p.m.17 views

Hardcoded credentials

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. When the administrator configures a secret URL for RTSP streaming, the stream is still available via its default name such as /0. Unauthenticated attackers can view video streams that are meant to b...

5CVSS7.8AI score0.02112EPSS
Exploits1References2
Prion
Prion
added 2020/10/06 2:15 p.m.12 views

Hardcoded credentials

An issue was discovered on URayTech IPTV/H.264/H.265 video encoders through 1.97. Attackers can log in as root via the password that is hard-coded in the executable file...

5CVSS9.5AI score0.01959EPSS
Exploits1References2Affected Software2
CVE
CVE
added 2020/10/06 1:16 p.m.75 views

CVE-2020-24219

CVE-2020-24219 affects URayTech IPTV/H.264/H.265 video encoders (up to v1.97). The vulnerability is a path traversal/pattern-matching flaw in unauthenticated HTTP handling that allows an attacker to read files from the device, including the configuration file containing the cleartext admin passwo...

7.8CVSS7.6AI score0.23636EPSS
In wildExploits3References3Affected Software1
Cvelist
Cvelist
added 2020/10/06 1:16 p.m.28 views

CVE-2020-24219

An issue was discovered on URayTech IPTV/H.264/H.265 video encoders through 1.97. Attackers can send crafted unauthenticated HTTP requests to exploit path traversal and pattern-matching programming flaws, and retrieve any file from the device's file system, including the configuration file with t...

7.7AI score0.23636EPSS
Exploits3References3
NVD
NVD
added 2020/10/06 1:15 p.m.51 views

CVE-2020-24214

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can send a crafted unauthenticated RTSP request to cause a buffer overflow and application crash. The device will not be able to perform its main purpose of video encoding and streaming fo...

9.8CVSS0.35393EPSS
Exploits4References3
NVD
NVD
added 2020/10/06 1:15 p.m.37 views

CVE-2020-24215

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can use hard-coded credentials in HTTP requests to perform any administrative task on the device including retrieving the device's configuration with the cleartext admin password, and...

9.8CVSS0.1976EPSS
Exploits3References3
CVE
CVE
added 2020/10/06 1:10 p.m.46 views

CVE-2020-24218

CVE-2020-24218 affects URayTech IPTV/H.264/H.265 video encoders (up to version 1.97). The issue allows an unauthenticated remote attacker to log in as root using a hard-coded password embedded in the executable, effectively granting full control over the device. Documents indicate this involves d...

9.8CVSS9.5AI score0.01959EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/10/06 1:10 p.m.23 views

CVE-2020-24218

An issue was discovered on URayTech IPTV/H.264/H.265 video encoders through 1.97. Attackers can log in as root via the password that is hard-coded in the executable file...

9.6AI score0.01959EPSS
Exploits1References2
CVE
CVE
added 2020/10/06 1:5 p.m.112 views

CVE-2020-24217

HiSilicon IPTV/H.264/H.265 video encoder devices are affected by CVE-2020-24217 due to an unauthenticated file-upload endpoint that can upload a custom firmware component, potentially coupled with command injection, to achieve arbitrary code execution. The connected sources (exploit-DB entries, C...

9.8CVSS9.8AI score0.40302EPSS
Exploits5References4Affected Software1
Rows per page
Query Builder