Lucene search

Insma Security Vulnerabilities

cve

CVE-2020-19639

Cross Site Request Forgery (CSRF) vulnerability in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B, via all fields to WebUI.

8.8CVSS

8.7AI Score

0.001EPSS

2021-03-30 03:15 AM

cve

CVE-2020-19640

An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B. An unauthenticated attacker can reboot the device causing a Denial of Service, via a hidden reboot command to '/media/?action=cmd'.

7.5CVSS

7.5AI Score

0.001EPSS

2021-03-30 03:15 AM

cve

CVE-2020-19641

An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B. Authenticated attackers with the "Operator" Privilege can gain admin privileges via a crafted request to '/goform/formUserMng'.

8.8CVSS

8.5AI Score

0.001EPSS

2021-03-30 03:15 AM

cve

CVE-2020-19642

An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B. A local attacker can execute arbitrary code via editing the 'recdata.db' file to call a specially crafted GoAhead ASP-file on the SD card.

6.2CVSS

6.6AI Score

0.0004EPSS

2021-03-30 03:15 AM

cve

CVE-2020-19643

Cross Site Scripting (XSS) vulnerability in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B via all fields in the FTP settings page to the "goform/formSetFtpCfg" settings page.

6.1CVSS

5.9AI Score

0.001EPSS

2021-03-30 03:15 AM