CVE-2015-1469

time.htm in the web interface on SerVision HVG Video Gateway devices with firmware through 2.2.26a100 allows remote authenticated users to gain privileges by leveraging a cookie received in an HTTP response, a different vulnerability than CVE-2015-0929 and CVE-2015-0930...

CVE-2020-6769

Missing Authentication for Critical Function in the Bosch Video Streaming Gateway VSG allows an unauthenticated remote attacker to retrieve and set arbitrary configuration data of the Video Streaming Gateway. A successful attack can impact the confidentiality and availability of live and recorded...

SerVision HVG Video Gateway devices with firmware elevation of privilege vulnerability

SerVision HVG Video Gateway is an intelligent video gateway product from SerVision Israel. An elevation of privilege vulnerability exists in SerVision HVG Video Gateway devices with firmware. It allows an authenticated remote user to gain privileges by exploiting a cookie received in an HTTP...

SerVision HVG Security Bypass Vulnerability

SerVision HVG Video Gateway is an intelligent video gateway product from SerVision Israel. A security vulnerability exists in SerVision HVG Video Gateway versions prior to 2.2.26a78, which stems from the program's use of a hard-coded administrator password. A remote attacker can exploit this...

CVE-2015-1469

time.htm in the web interface on SerVision HVG Video Gateway devices with firmware through 2.2.26a100 allows remote authenticated users to gain privileges by leveraging a cookie received in an HTTP response, a different vulnerability than CVE-2015-0929 and CVE-2015-0930...

CVE-2015-0930

The web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a100 has a hardcoded administrative password, which makes it easier for remote attackers to obtain access via an HTTP session...

Authentication flaw

time.htm in the web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a78 allows remote attackers to bypass authentication and obtain administrative access by leveraging a cookie received in an HTTP response...

Hardcoded credentials

The web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a100 has a hardcoded administrative password, which makes it easier for remote attackers to obtain access via an HTTP session...

CVE-2015-0929

time.htm in the web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a78 allows remote attackers to bypass authentication and obtain administrative access by leveraging a cookie received in an HTTP response...

CVE-2015-0930

SerVision HVG Video Gateway devices with firmware older than 2.2.26a100 contain a hardcoded administrator password in the web interface, allowing remote attackers to gain admin access via an HTTP session. Affected product: SerVision HVG Video Gateway; root cause: hardcoded credentials in the web ...

CVE-2015-0929

Affected product/variant: SerVision HVG Video Gateway devices with firmware up to 2.2.26a78 (and variants through 2.2.26a100 per sources). Vulnerability: time.htm in the web interface allows remote authenticated/unprivileged users to bypass authentication and obtain elevated/admin access by lever...

CVE-2015-1469

CVE-2015-1469 affects SerVision HVG Video Gateway devices with firmware up to 2.2.26a100. The issue is an elevation of privilege: remote authenticated users can leverage a cookie found in an HTTP response to gain privileges via the web interface, specifically through time.htm. Other CNVD/Red Hat/...

SerVision HVG Video Gateway web interface contains multiple vulnerabilities

Overview SerVision HVG Video Gateway web interface contains multiple vulnerabilities affecting multiple firmware versions. Description CWE-288: Authentication Bypass Using an Alternate Path or Channel, andCWE-284: Improper Access Control - CVE-2015-0929By visiting time.htm, a user is issued a...