Lucene search
K

25 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:18 p.m.8 views

CVE-2026-3966

A vulnerability was detected in 648540858 wvp-GB28181-pro up to 2.7.4-20260107. Affected by this vulnerability is the function getDownloadFilePath of the file /src/main/java/com/genersoft/iot/vmp/media/abl/ABLMediaNodeServerService.java of the component IP Address Handler. The manipulation of the...

6.5CVSS6.2AI score0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.6 views

CVE-2026-4597

A security flaw has been discovered in 648540858 wvp-GB28181-pro up to 2.7.4. Impacted is the function selectAll of the file src/main/java/com/genersoft/iot/vmp/streamProxy/dao/provider/StreamProxyProvider.java of the component Stream Proxy Query Handler. The manipulation results in sql injection...

6.5CVSS6.3AI score0.00192EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/26 9:30 a.m.9 views

EUVD-2026-16145

A security flaw has been discovered in 648540858 wvp-GB28181-pro up to 2.7.4. This affects the function GenericFastJsonRedisSerializer of the file src/main/java/com/genersoft/iot/vmp/conf/redis/RedisTemplateConfig.java of the component API Endpoint. The manipulation results in deserialization. It...

7.5CVSS6.6AI score0.00427EPSS
Exploits0References5
NVD
NVD
added 2026/03/26 9:16 a.m.9 views

CVE-2026-4860

A security flaw has been discovered in 648540858 wvp-GB28181-pro up to 2.7.4. This affects the function GenericFastJsonRedisSerializer of the file src/main/java/com/genersoft/iot/vmp/conf/redis/RedisTemplateConfig.java of the component API Endpoint. The manipulation results in deserialization. It...

7.5CVSS0.00427EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.22 views

wvp-GB28181-pro 代码问题漏洞

WVP-GB28181-Pro is a video monitoring platform developed by individual developer 648540858. Versions of WVP-GB28181-Pro 2.7.4 and earlier have code vulnerabilities. These vulnerabilities stem from a deserialization issue in the function GenericFastJsonRedisSerializer within the component API...

7.5CVSS7.2AI score0.00427EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.13 views

PT-2026-28653

Name of the Vulnerable Software and Affected Versions 648540858 wvp-GB28181-pro versions up to 2.7.4 Description A security flaw exists in the 648540858 wvp-GB28181-pro software. The issue is related to deserialization within the GenericFastJsonRedisSerializer function located in the file...

7.5CVSS5.8AI score0.00427EPSS
Exploits0References6
NVD
NVD
added 2026/03/23 9:17 p.m.4 views

CVE-2026-4597

A security flaw has been discovered in 648540858 wvp-GB28181-pro up to 2.7.4. Impacted is the function selectAll of the file src/main/java/com/genersoft/iot/vmp/streamProxy/dao/provider/StreamProxyProvider.java of the component Stream Proxy Query Handler. The manipulation results in sql injection...

6.5CVSS0.00192EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/23 8:15 p.m.3 views

CVE-2026-4597 648540858 wvp-GB28181-pro Stream Proxy Query StreamProxyProvider.java selectAll sql injection

A security flaw has been discovered in 648540858 wvp-GB28181-pro up to 2.7.4. Impacted is the function selectAll of the file src/main/java/com/genersoft/iot/vmp/streamProxy/dao/provider/StreamProxyProvider.java of the component Stream Proxy Query Handler. The manipulation results in sql injection...

6.5CVSS6.3AI score0.00192EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/23 12:0 a.m.9 views

wvp-GB28181-pro SQL注入漏洞

WVP-GB28181-pro is a video monitoring platform developed by individual developer 648540858. Versions of WVP-GB28181-pro 2.7.4 and earlier have a SQL injection vulnerability. This vulnerability stems from a SQL injection vulnerability in the selectAll function within the Stream Proxy Query Handler...

6.5CVSS6.7AI score0.00192EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/12 12:31 a.m.24 views

EUVD-2026-11491

A vulnerability was detected in 648540858 wvp-GB28181-pro up to 2.7.4-20260107. Affected by this vulnerability is the function getDownloadFilePath of the file /src/main/java/com/genersoft/iot/vmp/media/abl/ABLMediaNodeServerService.java of the component IP Address Handler. The manipulation of the...

6.5CVSS5.4AI score0.00206EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/12 12:2 a.m.42 views

CVE-2026-3966 648540858 wvp-GB28181-pro IP Address ABLMediaNodeServerService.java getDownloadFilePath server-side request forgery

A vulnerability was detected in 648540858 wvp-GB28181-pro up to 2.7.4-20260107. Affected by this vulnerability is the function getDownloadFilePath of the file /src/main/java/com/genersoft/iot/vmp/media/abl/ABLMediaNodeServerService.java of the component IP Address Handler. The manipulation of the...

6.5CVSS0.00206EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/12 12:2 a.m.6 views

CVE-2026-3966

A vulnerability was detected in 648540858 wvp-GB28181-pro up to 2.7.4-20260107. Affected by this vulnerability is the function getDownloadFilePath of the file /src/main/java/com/genersoft/iot/vmp/media/abl/ABLMediaNodeServerService.java of the component IP Address Handler. The manipulation of the...

6.5CVSS5.4AI score0.00206EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/12 12:2 a.m.5 views

CVE-2026-3966 648540858 wvp-GB28181-pro IP Address ABLMediaNodeServerService.java getDownloadFilePath server-side request forgery

A vulnerability was detected in 648540858 wvp-GB28181-pro up to 2.7.4-20260107. Affected by this vulnerability is the function getDownloadFilePath of the file /src/main/java/com/genersoft/iot/vmp/media/abl/ABLMediaNodeServerService.java of the component IP Address Handler. The manipulation of the...

6.5CVSS6.2AI score0.00206EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.8 views

PT-2026-24897

A vulnerability was detected in 648540858 wvp-GB28181-pro up to 2.7.4-20260107. Affected by this vulnerability is the function getDownloadFilePath of the file /src/main/java/com/genersoft/iot/vmp/media/abl/ABLMediaNodeServerService.java of the component IP Address Handler. The manipulation of the...

6.5CVSS5.4AI score0.00206EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 9:19 a.m.5 views

CVE-2024-36523

An access control issue in Wvp GB28181 Pro 2.0 allows users to continue to access information in the application after deleting their own or administrator accounts. This is provided that the users do not log out of their deleted accounts...

6.5CVSS5.9AI score0.00338EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:16 a.m.5 views

CVE-2024-37665

An access control issue in Wvp GB28181 Pro 2.0 allows authenticated attackers to escalate privileges to Administrator via a crafted POST request...

8.8CVSS5.9AI score0.00505EPSS
Exploits1References1
NVD
NVD
added 2024/06/12 9:15 p.m.27 views

CVE-2024-37665

An access control issue in Wvp GB28181 Pro 2.0 allows authenticated attackers to escalate privileges to Administrator via a crafted POST request...

8.8CVSS0.00505EPSS
Exploits1References2
NVD
NVD
added 2024/06/12 9:15 p.m.36 views

CVE-2024-36523

An access control issue in Wvp GB28181 Pro 2.0 allows users to continue to access information in the application after deleting their own or administrator accounts. This is provided that the users do not log out of their deleted accounts...

6.5CVSS0.00338EPSS
Exploits1References1
CVE
CVE
added 2024/06/12 12:0 a.m.55 views

CVE-2024-37665

CVE-2024-37665 affects WVP GB28181 Pro 2.0. An access-control flaw lets authenticated attackers escalate privileges to Administrator via a crafted POST request. The CVSS v3.1 base score is 8.8 (HIGH) with network access, low attack complexity, and required privileges Low. No exploitation details ...

8.8CVSS6.9AI score0.00505EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/12 12:0 a.m.21 views

CVE-2024-36523

An access control issue in Wvp GB28181 Pro 2.0 allows users to continue to access information in the application after deleting their own or administrator accounts. This is provided that the users do not log out of their deleted accounts...

6.6AI score0.00338EPSS
Exploits1References1
Rows per page
Query Builder