Vitek VT-HDOC16BR has multiple vulnerabilities

The Vitek VT-HDOC16BR is Vitek's all-in-one recorder with EX-SDI, TVI, AHD, CVI, IP and Analog CVBS connectivity. The Vitek VT-HDOC16BR suffers from a remote code execution vulnerability and an information disclosure vulnerability. An attacker can exploit this vulnerability to execute arbitrary...

span.vitekcctv.com XSS vulnerability

Open Bug Bounty ID: OBB-599522 Description| Value ---|--- Affected Website:| span.vitekcctv.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Vitek - Remote Command Execution / Information Disclosure (PoC) Vulnerability

Exploit for multiple platform in category remote exploits STX Subject: Vitek RCE and Information Disclosure and possible other OEM Attack vector: Remote Authentication: Anonymous no credentials needed Researcher: bashis December 2017 PoC: https://github.com/mcw0/PoC Release date: December 22, 201...

Vitek RCE and Information Disclosure

Subject: Vitek RCE and Information Disclosure and possible other OEM Attack vector: Remote Authentication: Anonymous no credentials needed Researcher: bashis December 2017 PoC: https://github.com/mcw0/PoC Release date: December 22, 2017 Full Disclosure: 0-day heap: Executable + Non-ASLR stack:...

Vitek Remote Code Execution / Information Disclosure

STX Subject: Vitek RCE and Information Disclosure and possible other OEM Attack vector: Remote Authentication: Anonymous no credentials needed Researcher: bashis December 2017 PoC: https://github.com/mcw0/PoC Release date: December 22, 2017 Full Disclosure: 0-day heap: Executable + Non-ASLR stack...

Vitek Remote Code Execution / Information Disclosure Vulnerabilities

Exploit for php platform in category remote exploits STX Subject: Vitek RCE and Information Disclosure and possible other OEM Attack vector: Remote Authentication: Anonymous no credentials needed Researcher: bashis December 2017 PoC: https://github.com/mcw0/PoC Release date: December 22, 2017 Ful...

Vitek - Remote Command Execution Information Disclosure (PoC)

Vitek - Remote Command Execution Information Disclosure PoC STX Subject: Vitek RCE and Information Disclosure and possible other OEM Attack vector: Remote Authentication: Anonymous no credentials needed Researcher: bashis December 2017 PoC: https://github.com/mcw0/PoC Release date: December 22,...

Vitek - Remote Command Execution / Information Disclosure (PoC)

STX Subject: Vitek RCE and Information Disclosure and possible other OEM Attack vector: Remote Authentication: Anonymous no credentials needed Researcher: bashis December 2017 PoC: https://github.com/mcw0/PoC Release date: December 22, 2017 Full Disclosure: 0-day heap: Executable + Non-ASLR stack...

Citrix Nfuse 1.6 Published Applications Information Leak Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3926/info Citrix Nfuse is an application portal server meant to provide the functionality of any application on the server via a web browser. Nfuse works in conjunction with a previously-installed webserver. If a request...